aesencryption.net Open in urlscan Pro
94.177.176.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aesencryption.net/
Submission: On September 29 via manual (September 29th 2022, 10:11:06 am UTC) from NL — Scanned from IT

Summary HTTP 159 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 28 domains to perform 159 HTTP transactions. The main IP is 94.177.176.90, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is aesencryption.net.
TLS certificate: Issued by R3 on August 30th 2022. Valid for: 3 months.

This is the only time aesencryption.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	94.177.176.90 94.177.176.90	31034 (ARUBA-ASN) (ARUBA-ASN)
21	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
4	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4 13	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	63.33.165.208 63.33.165.208	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.25.48 3.120.25.48	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	3.124.130.212 3.124.130.212	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:48cc:fe26:1b0:de7a	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:1f18:1ac... 2600:1f18:1aca:4280:6133:b508:364f:c43b	14618 (AMAZON-AES) (AMAZON-AES)
159	34

13 94.177.176.90 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host90-176-177-94.serverdedicati.aruba.it

aesencryption.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.165.208 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-165-208.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.25.48 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-25-48.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.130.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-130-212.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:48cc:fe26:1b0:de7a (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4280:6133:b508:364f:c43b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	462 KB
29	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299	154 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 268	221 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 782 static.adsafeprotected.com — Cisco Umbrella Rank: 575 dt.adsafeprotected.com — Cisco Umbrella Rank: 518	98 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	204 KB
13	aesencryption.net aesencryption.net	235 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	175 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	3 KB
4	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3982	60 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 749	827 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
3	google.it adservice.google.it — Cisco Umbrella Rank: 47045 www.google.it — Cisco Umbrella Rank: 21487	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 555	571 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 924	462 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 727	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	4 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2301	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	457 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 647	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1470	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 979	463 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1488	295 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 650	762 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 344	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	650 B
159	28

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
21	pagead2.googlesyndication.com	aesencryption.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	s0.2mdn.net	aesencryption.net s0.2mdn.net googleads.g.doubleclick.net
13	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net aesencryption.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net aesencryption.net
13	aesencryption.net	aesencryption.net
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects aesencryption.net googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	aesencryption.net googleads.g.doubleclick.net
4	static.addtoany.com	aesencryption.net static.addtoany.com
3	onetag-sys.com	2 redirects aesencryption.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	aesencryption.net
2	fw.adsafeprotected.com	1 redirects aesencryption.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.it	pagead2.googlesyndication.com
2	www.google-analytics.com	aesencryption.net www.google-analytics.com
2	cdnjs.cloudflare.com	aesencryption.net cdnjs.cloudflare.com
2	www.paypalobjects.com	aesencryption.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	www.google.it	aesencryption.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
159	38

This site contains links to these domains. Also see Links.

Domain
silktide.com
random-color.net
youtubeloop.net
current-location.com
testmymicrophone.com
downloadthumbnail.com
webcamtest.net
base64image.org
www.addtoany.com

Subject Issuer	Validity	Valid
aesencryption.net R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://aesencryption.net/
Frame ID: FFA1BA55B5AD5EA24D9AB18973D9DB22
Requests: 39 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 0BF90D9EE2CAA5FD871E7AD26242D323
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
Frame ID: 08DF68BE50B19D10C1C5A8121A9B0719
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&slotname=1776518717&adk=2466049890&adf=2275705056&pi=t.ma~as.1776518717&w=1130&fwrn=4&fwrnh=100&lmt=1664446259&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446259226&bpp=17&bdt=609&idt=227&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=4905973425307&frm=20&pv=2&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Kf05mqW2DA&p=https%3A//aesencryption.net&dtd=325
Frame ID: 989DB210ED39651C2C9573E37F70C7C5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&adk=1812271804&adf=3025194257&lmt=1664446259&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Faesencryption.net%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446259274&bpp=3&bdt=657&idt=337&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280&nras=1&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=350
Frame ID: F21381EAD6BB61DDE36D72F486B3D0CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80
Frame ID: 9BDE4E0F9162E1602D225D8267B5C0D0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87
Frame ID: F281028868F1C9A1C2387E8895EF3629
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 333778AB268E596EBD348418B51CADB6
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ9L_SlQIYuOKsvgEwAQ&v=APEucNWruM6UnrSsfsSrbu75_a8ZFSr61CHTGVLGMjuHIQbmtL2FuFaWWzXUw8dNjYdFaU3KEpqXHL3BsEBHmWy_YXlIzUFmWRd5rAmjgJAhtzfM-hQ0Ysi8wcVHJT5rJFCWoLsahC69QdhAlhfrwQJNqWJMJAGme0Ce9DvOu8DSVgqfphmgInU
Frame ID: 0680EA05EFD5A883BCA3AB43C0230437
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 400CFC0555491D25133E2E074061E069
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0B172A90D58FA8880EEF65B2E803BF99
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 541A3FF2164E18AF59E896EE0F212902
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FDB0A0726CB97B78D8AD9E5CDE26A35C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
Frame ID: 2DC362EFB90DF1D233AA5FF71C172713
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4F3FFC40841A75BB144D03BA8E67309
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: C72D90ECA96EEF1BF8448601B8915CF2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: E105EB2E9D5EE633EA76558E7F40A59D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E19ADC258A41884ACCB8AC4F3AF608DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84A8BE669E374479A52F6ABD131AEB5A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F38EEC67765781905C9D43A7FE873877
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AES encryption

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

92 %
HTTPS

53 %
IPv6

28
Domains

38
Subdomains

34
IPs

7
Countries

1646 kB
Transfer

3898 kB
Size

22
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://random-color.net/
Title: Generate Random Color

Search URL Search Domain Scan URL

URL: http://youtubeloop.net/
Title: Loop YouTube videos

Search URL Search Domain Scan URL

URL: http://current-location.com/
Title: Search on Instagram by location

Search URL Search Domain Scan URL

URL: https://testmymicrophone.com/
Title: Online microphone test

Search URL Search Domain Scan URL

URL: http://downloadthumbnail.com/
Title: Download YouTube Thumbnail

Search URL Search Domain Scan URL

URL: http://webcamtest.net/
Title: Webcam test

Search URL Search Domain Scan URL

URL: http://base64image.org/
Title: Convert Image to Base64 and back

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=http%3A%2F%2Faesencryption.net&title=Online%20AES%20encryption%20and%20decryption%20tool%20-%20128%2C%20192%2C%20256
Title: Share

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjFd-mzGfPlXxvIjuu8ze4&google_cver=1

Request Chain 63

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzVvNNmb8agDYD4pwnEeAwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBGvFAKgMnmFymN0CvRrk-I&google_cver=1

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELvucUUHCmYaPsjehjAsaPk&google_cver=1

Request Chain 65

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY3MDI5NjU2NzI4OTM2NDkzNA%3D%3D

Request Chain 104

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cver=1&google_push=AZmPxg9hjRlwIbyiSCiHFCZGZR7dGK6TM_xpVepJxnSGxy4F5NY_zp7XwlQn1AIpL113rO0JrBJCiVVv8eE4ydwhCoE3KPqgZbceKFg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cver=1&google_push=AZmPxg9hjRlwIbyiSCiHFCZGZR7dGK6TM_xpVepJxnSGxy4F5NY_zp7XwlQn1AIpL113rO0JrBJCiVVv8eE4ydwhCoE3KPqgZbceKFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHZzcmQyZnQxT0RRdnI1&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cver=1&google_push=AZmPxg9hjRlwIbyiSCiHFCZGZR7dGK6TM_xpVepJxnSGxy4F5NY_zp7XwlQn1AIpL113rO0JrBJCiVVv8eE4ydwhCoE3KPqgZbceKFg

Request Chain 106

https://d.agkn.com/pixel/2175/?google_gid=CAESEGJOuNQRuKvAKa4p4OEPqVk&google_cver=1&google_push=AZmPxg-JfVGF1abvp3k4Qk-WKD7aXgj9TJrAKPEIp-SgiDXDW7mbKvWeyVet01mKiqEtS8lL0YzP46hDkM2hEcJ9FyHegRNuytL4wOM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-JfVGF1abvp3k4Qk-WKD7aXgj9TJrAKPEIp-SgiDXDW7mbKvWeyVet01mKiqEtS8lL0YzP46hDkM2hEcJ9FyHegRNuytL4wOM&google_hm=Q0FFU0VHSk91TlFSdUt2QUthNHA0T0VQcVZr

Request Chain 109

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBSEPYLWLmHkHlfM-leRwUE&google_cver=1&google_push=AZmPxg99LP_pPvevK_O2J28zjtypYTDKSHYJMF1HjtvYuAgEWzKKTVMis-mheyYl-YCiri2oIIF8ErWPix59ZTkESL9EqEGFKa2TPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg99LP_pPvevK_O2J28zjtypYTDKSHYJMF1HjtvYuAgEWzKKTVMis-mheyYl-YCiri2oIIF8ErWPix59ZTkESL9EqEGFKa2TPg

Request Chain 110

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBSEPYLWLmHkHlfM-leRwUE&google_cver=1&google_push=AZmPxg93Cfzy__Pah4hgXlFFBOcHQ-z9M7v7p0sXUxK0CEAIJaXTOkrnlEUaE6uDdQZwy2BOAIiw6D0FjgEYr7X_VTHZtNN0xLzqYMiJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg93Cfzy__Pah4hgXlFFBOcHQ-z9M7v7p0sXUxK0CEAIJaXTOkrnlEUaE6uDdQZwy2BOAIiw6D0FjgEYr7X_VTHZtNN0xLzqYMiJ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8xVIy7VFv67B7bm4RNx5Ee0JhmjYeV1YLbT1ve6Ic7KgnBYTxATEW_Y5O8rhJy-_wCJ5wOCM9Hgd4YciMeDWx8Wa1yVXU&google_gid=CAESENH0_b2qHxDtuDr-3yrxCbk&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLXe1ZkGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGc4eFZJeTdWRnY2N0I3Ym00Uk54NUVlMEpobWpZZVYxWUxiVDF2ZTZJYzdLZ25CWVR4QVRFV19ZNU84cmhKeS1fd0NKNXdPQ005SGdkNFljaU1lRFd4OFdhMXlWWFU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdkJqMTdXTE5EbDlfN3l5ZlE1cWhSQkVxWk82MDJtTkExMFh0S3pGbTU4Zw==&google_push

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED1en2zcg7qKB_YBM7bmw_g&google_cver=1&google_push=AZmPxg8bgEsoI1vnbR-qLSXSRoORSMjytVReL29fCD3rTr9bXbZGDRBMDJDOndcGsDgsLAoxcrRCfgKGtBhFlW7FXhgZB63Ad_3q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNV0JVWE4tMTMtMkpD&google_push=AZmPxg8bgEsoI1vnbR-qLSXSRoORSMjytVReL29fCD3rTr9bXbZGDRBMDJDOndcGsDgsLAoxcrRCfgKGtBhFlW7FXhgZB63Ad_3q

Request Chain 126

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPBbMMjntz5_qyENLm1_qpI&google_cver=1&google_push=AZmPxg-eEJ2T5th7jf_qWaFQQUaJ2LxiR2INO1bQ8XEBEXSyFRQ-JLZyajkj59ptOx4mMdC3atrsAmESQ7IDdRlIcH_ZhMqWfLkq HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBbMMjntz5_qyENLm1_qpI&google_hm=YzVvNNmb8agDYD4pwnEeAwAAEUEAAAIB&google_nid=index&google_push=AZmPxg-eEJ2T5th7jf_qWaFQQUaJ2LxiR2INO1bQ8XEBEXSyFRQ-JLZyajkj59ptOx4mMdC3atrsAmESQ7IDdRlIcH_ZhMqWfLkq

Request Chain 129

https://fw.adsafeprotected.com/rfw/st/914269/59533523/skeleton.js?ias_dspID=3&ias_campId=1008425768&ias_pubId=pub-2573594588939938&ias_chanId=1&ias_placementId=17866468688&bidurl=https://aesencryption.net/&ias_dealId=&adsafe_url=https%3A%2F%2Faesencryption.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220927%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-2573594588939938%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26xpc%3DhvUr05ey4w%26p%3Dhttps%253A%2F%2Faesencryption.net&adsafe_type=d&adsafe_jsinfo=,id:716356ff-9481-4408-bf05-b0ba485ad824,c:pB4gnF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-56cccd4d78-w7k6q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:dfhui1,mtim:238,mot:0,app:0,maw:0,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:265,oid:04d7508f-3fdf-11ed-9f7d-c2a81a288a75,v:19.8.353,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

159 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
aesencryption.net/ 24 KB
7 KB 90ms
27ms Document
text/html 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8ed4cec53b3c45549d34b6345471e035274dde988797b902733cf8694e88be9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6481
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Sep 2022 10:10:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK bootstrap.css
aesencryption.net/css/bootstrap/themes/united/ 124 KB
18 KB 30ms
30ms Stylesheet
text/css 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/css/bootstrap/themes/united/bootstrap.css
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e6e11b13e446bd4e1cbad236bde511133db4ba93e278bc70bfd1d8b58b99fd3e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1efa1-5a3d357475bc1-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18421
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK bootstrap-responsive.css
aesencryption.net/css/bootstrap/ 22 KB
5 KB 63ms
31ms Stylesheet
text/css 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/css/bootstrap/bootstrap-responsive.css
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4031c29838b526f3db538e1446b2ee446b28bef557345e67c7122a809f9d705f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "565e-5a3d357475bc1-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4242
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK jquery.snippet.min.css
aesencryption.net/css/jquery/plugin/ 50 KB
7 KB 86ms
32ms Stylesheet
text/css 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/css/jquery/plugin/jquery.snippet.min.css
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0235c15bcd5eedf978f46cac91727dadb327908a6a7418ce269c040fb0439da7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "c650-5a3d357475bc1-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6443
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK main.css
aesencryption.net/css/ 918 B
774 B 88ms
34ms Stylesheet
text/css 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/css/main.css
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 96063f2292a8e475aeea91a713d0cb03008ea374e8c209d5a85dc998794612a9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "396-5a3d357475bc1-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 357
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
57 KB 155ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

facac4b5d8fa7d997761cc616856ba5f78397fe76df3d39cc2fb113a02c0dfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57683
x-xss-protection: 0
server: cafe
etag: 10955628172718939013
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 10:10:58 GMT

GET
H2 200 btn_donate_LG.gif
www.paypalobjects.com/en_GB/i/btn/ 2 KB
2 KB 122ms
19ms Image
image/gif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1bc8b9cb4ac4b4441a15136f1b4733f91e710dd9b9f86d28523a332bb0deb763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=1714 idim=92x26 ifmt=gif ofsz=1713 odim=92x26 ofmt=gif
paypal-debug-id: 80ba2485eeb66
fastly-stats: io=1
dc: phx-origin-www-3.paypal.com
content-length: 1713
x-served-by: cache-sjc10047-SJC, cache-mxp6924-MXP
x-timer: S1664446259.778372,VS0,VE1
etag: "Sw3k14QhL6e/lFNTqMheH3dkDX5uKpNX6uj4DVwxNFo"
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 616, 1

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
507 B 120ms
17ms Image
image/gif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 49e36fd282d15
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10056-SJC, cache-mxp6924-MXP
x-timer: S1664446259.778571,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 7, 25985

GET
H/1.1 200
OK jquery.min.js Show response
aesencryption.net/js/ 91 KB
92 KB 44ms
33ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/jquery.min.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1364259555f0c3024aababcee93be20767adca520261680281218bd1dacaeb89

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "16cfd-5a3d357477b01"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 93437
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK jquery.cookie.js Show response
aesencryption.net/js/ 3 KB
3 KB 71ms
50ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/jquery.cookie.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "c31-5a3d357476b61"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3121
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
aesencryption.net/js/ 28 KB
28 KB 97ms
44ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/bootstrap.min.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 61ce3854c13015d809b16c1325e707259e05d74eb7a4b958d2e96cf892d7557d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6ff7-5a3d357476b61"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28663
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK jquery.snippet.min.js Show response
aesencryption.net/js/ 67 KB
67 KB 74ms
41ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/jquery.snippet.min.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 64dface6e5fbbbf6065d4c198123b6910345efb5c85818cfddbc8a8adb4734ea

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "10b5e-5a3d357477b01"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 68446
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK jquery.floatingFixed.js Show response
aesencryption.net/js/ 3 KB
4 KB 52ms
32ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/jquery.floatingFixed.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f5e2fceeb6bc1c619d6e02f90c3295bb774765d7b08278cf4e4e3b87fbd96a42

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "d76-5a3d357476b61"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3446
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK smart-modal.js Show response
aesencryption.net/js/ 1 KB
2 KB 33ms
33ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/smart-modal.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: aeb6cfeaa17740d5d84c44dacf2534f99e17d2027128dc882dfc9ad274a4a82f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4a2-5a3d357477b01"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1186
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK survey-adapter.js Show response
aesencryption.net/js/ 465 B
851 B 33ms
31ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/survey-adapter.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1424a43a2f8c3a679dae42f0fde395d936166bace93565f053eba90baa0682f6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1d1-5a3d357477b01"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 465
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H/1.1 200
OK main.js Show response
aesencryption.net/js/ 507 B
892 B 31ms
30ms Script
application/javascript 94.177.176.90
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aesencryption.net/js/main.js
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.177.176.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host90-176-177-94.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 95ce9e9f5cd21c804e3c8465319a5d7ade7e308ce89cb36c51a047915b62c1f7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 10:10:58 GMT
Last-Modified: Tue, 21 Apr 2020 21:03:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1fb-5a3d357477b01"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 507
Expires: Fri, 30 Sep 2022 10:10:58 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 136ms
32ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b964f75cb8c613e484743bf4daaac6efc65c74156fca95cd76ca15d742555d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:58 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 39808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 03 Sep 2022 00:56:47 GMT
server: cloudflare
etag: W/"ba7-5e7bb5238fa5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7523ee9d5c0059c5-MXP

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 97ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4889369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1618
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW7g%2F0Rl4YxxQc4ruyZH83Vo6g%2B3u71ULO8hSYLz9ISm2AtNexlTyLZrMzJWq8%2B%2BmaHz%2BEG8pwGPBMeg0YgFYo08YqjnaLsJ7fH7hD90cx8iaHo5Yjl9trjXU96zCL1I1lc0GW4teP4cVkwYtQyggWs1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7523ee9d2d09839a-MXP
expires: Tue, 19 Sep 2023 10:10:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
983 B 149ms
40ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/css/bootstrap/themes/united/bootstrap.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 10:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 09:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 10:10:58 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 105ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aesencryption.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:27:16 GMT
x-content-type-options: nosniff
age: 53022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:27:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
42ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 08:27:32 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6207
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 10:27:32 GMT

GET
H3 200 core.e18d3993.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 240ms
216ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.e18d3993.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36925e7859abeeb8681d694d702e00b1fbba6f37ac49b11e8f863ed24507ca6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aesencryption.net/
Origin: https://aesencryption.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:59 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 03 Sep 2022 00:56:46 GMT
server: cloudflare
etag: W/"11891-5e7bb52267bff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7523ee9fb8090e1a-MXP

GET
H2 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 66ms
65ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:59 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1249415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7523ee9f9f8a59c5-MXP

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 0BF9 741 B
691 B 40ms
39ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 1249414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7523eea01ddfbaf7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Sep 2022 10:10:59 GMT
etag: W/"2e5-5cc9e128a4c38"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 347 KB
123 KB 121ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2573594588939938&plah=aesencryption.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3597ef7142b471a9e45bb2f7cc20c166cb382d558130c889c7d64b3339396198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125492
x-xss-protection: 0
server: cafe
etag: 9764980399936340038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 10:10:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/ Frame 08DF 10 KB
5 KB 170ms
41ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 53881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:12:58 GMT
etag: 9671129459699598864
expires: Wed, 12 Oct 2022 19:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 144ms
65ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1403744180&t=pageview&_s=1&dl=https%3A%2F%2Faesencryption.net%2F&ul=en-us&de=UTF-8&dt=AES%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=577140997&gjid=1768019505&cid=2057108271.1664446259&tid=UA-45217011-2&_gid=1932115069.1664446259&_r=1&_slc=1&z=1397357058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aesencryption.net/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aesencryption.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
650 B 173ms
60ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=aesencryption.net&callback=_gfp_s_&client=ca-pub-2573594588939938

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2573594588939938&plah=aesencryption.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

6b0d64eb580468445daa61a73e7f63ac5d7062f6798037496d004497419fd764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 271ms
63ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=aesencryption.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 118ms
37ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aesencryption.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 989D 81 KB
29 KB 703ms
625ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&slotname=1776518717&adk=2466049890&adf=2275705056&pi=t.ma~as.1776518717&w=1130&fwrn=4&fwrnh=100&lmt=1664446259&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446259226&bpp=17&bdt=609&idt=227&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=4905973425307&frm=20&pv=2&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Kf05mqW2DA&p=https%3A//aesencryption.net&dtd=325

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

799dceac1907cb1d9c92d696c51b861e69a726a2eb903965fef460a6ac3feeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29602
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:11:00 GMT
expires: Thu, 29 Sep 2022 10:11:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 106ms
33ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45217011-2&cid=2057108271.1664446259&jid=577140997&gjid=1768019505&_gid=1932115069.1664446259&_u=IEBAAAAAAAAAAC~&z=545730519

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aesencryption.net/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 10:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aesencryption.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Faesencryption.net%2F&tn=DIV&cls=navbar%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F213 28 KB
12 KB 600ms
594ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&adk=1812271804&adf=3025194257&lmt=1664446259&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Faesencryption.net%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446259274&bpp=3&bdt=657&idt=337&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280&nras=1&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=350

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73228d9a6006ce57a1d188b124f6c4152c96abcd6e633b1c06af5dc0021113de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11947
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:11:00 GMT
expires: Thu, 29 Sep 2022 10:11:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 116ms
51ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-45217011-2&cid=2057108271.1664446259&jid=577140997&_u=IEBAAAAAAAAAAC~&z=313885367

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 118ms
52ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-45217011-2&cid=2057108271.1664446259&jid=577140997&_u=IEBAAAAAAAAAAC~&z=313885367

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 151 KB
54 KB 193ms
192ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

372e7affbde11d63fcede954c4c3a72c023b95e26ad9973819b8c92aa0ec3796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55031
x-xss-protection: 0
server: cafe
etag: 10150976882206990048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 10:11:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 143ms
63ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=aesencryption.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 97ms
40ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aesencryption.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BDE 86 KB
31 KB 548ms
547ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

159b110cf43121f8ee3bab4a069568b7e5b4be08f55dd46a3ee59cc4591090e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31938
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:11:00 GMT
expires: Thu, 29 Sep 2022 10:11:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F281 95 KB
33 KB 390ms
387ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92428cffd634db8af6ec9a0e90ea6601bc5756dfec79fdd13634b8aca3ca06f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33720
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:11:00 GMT
expires: Thu, 29 Sep 2022 10:11:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 989D 6 KB
672 B 105ms
39ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&slotname=1776518717&adk=2466049890&adf=2275705056&pi=t.ma~as.1776518717&w=1130&fwrn=4&fwrnh=100&lmt=1664446259&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446259226&bpp=17&bdt=609&idt=227&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=4905973425307&frm=20&pv=2&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Kf05mqW2DA&p=https%3A//aesencryption.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 09:07:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 10:11:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 989D 2 KB
983 B 169ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:17:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 989D 23 KB
10 KB 157ms
39ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 989D 3 KB
1 KB 160ms
53ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 10:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 989D 17 KB
7 KB 164ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:38:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 989D 140 KB
44 KB 122ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 10:11:00 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 989D 32 KB
14 KB 91ms
25ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 20:56:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 989D 0
0 87ms
86ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXEd3M281Y9iFKtfUYNSQlfAK7ZS18GHA9_msiQzZ2R4QASDesYYLYP2CkYToEaABu83augLIAQmpAkpgYwhhQLA-qAMByAPLBKoE4AFP0LY-p9kKo-0gCEGx-Cd4ZnnZMUqEsJBUnlq6nxl7hsx8Ju9asrr-OsEYO7_QPoQI3KfOI5SVeKAB84qVorUoGO4x4WW6u52KWcEiMgOdiqoobGN-2q2DazUdwEnclhqV8Aw1nrbZVJl5L1WB8rJQYZ7YbG3LY6mC5mrg7DfrNd5ns17XyxZxmZZaW6K4Vfimyr0n1qhsRKjgL0EzHxIhtAbZ5CqpqhV3gms1EOP7MlAZBYrKg5sIpcsYDP2Nh9g4ebOA9-lJBhgApO8ubQcKAyObKL2ZzxFMKGUwTyCeiMAEoae02oYDkgUECAQYAZIFBAgFGASgBi6AB62ypcUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnLEW0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQF0BUBgBcBshccChoIABIUcHViLTI1NzM1OTQ1ODg5Mzk5MzgYAA&sigh=jlueP2mdXG4&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&slotname=1776518717&adk=2466049890&adf=2275705056&pi=t.ma~as.1776518717&w=1130&fwrn=4&fwrnh=100&lmt=1664446259&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446259226&bpp=17&bdt=609&idt=227&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=4905973425307&frm=20&pv=2&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Kf05mqW2DA&p=https%3A//aesencryption.net&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 10:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Sep 2022 10:11:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/ Frame 3337 10 KB
4 KB 43ms
39ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 27545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:31:55 GMT
etag: 9671129459699598864
expires: Thu, 13 Oct 2022 02:31:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1978932718387249880/ Frame 989D 5 KB
5 KB 145ms
77ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1978932718387249880/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cb22fa8ac1b6ee40b8e49db01d74a398c086095ebb76817f2e52cdeb99813cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:21:40 GMT
x-content-type-options: nosniff
age: 283760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5037
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:52:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Sep 2023 03:21:40 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1963351420149199052/ Frame 989D 4 KB
4 KB 146ms
80ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1963351420149199052/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac141c68e9774676d997532a32ba53d347dfa5e60ced701dbdacfa9da570e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:00:17 GMT
x-content-type-options: nosniff
age: 285043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3879
x-xss-protection: 0
last-modified: Thu, 26 May 2022 07:20:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Sep 2023 03:00:17 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0680 624 B
297 B 76ms
75ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ9L_SlQIYuOKsvgEwAQ&v=APEucNWruM6UnrSsfsSrbu75_a8ZFSr61CHTGVLGMjuHIQbmtL2FuFaWWzXUw8dNjYdFaU3KEpqXHL3BsEBHmWy_YXlIzUFmWRd5rAmjgJAhtzfM-hQ0Ysi8wcVHJT5rJFCWoLsahC69QdhAlhfrwQJNqWJMJAGme0Ce9DvOu8DSVgqfphmgInU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:11:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3337 94 KB
36 KB 119ms
114ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIKhhtOHc008dQAVIAGUTa0pkyEOhUqjk3Jls36wZowgxe2DYyQtNq9f_CFvMOHoVjG3QXliu7weXcgD4NTrZCZriN8Z1cMnn6RF_nOaPw9GFjp0HMkUT0R43XIHholUUMbzd7AfnnMtCV1Ls9qaOZWuoi6YmqeFQz2uDfDA2xll0lQms&dbm_d=AKAmf-BaYLdLsgvTxZ3K6oOKBhzieccYjzFIgrjXLBMAEginTIQF1tqTQVH09tbUUoTPoB3j4wHVMlzdnbqewXtUJXRW6_viCm5KsPurhD1ZtVHcN6CY3SL7Qn4SwjZN8RCc-zXQ8lamiPwUJdedqdXLgTgF3Faq8QD46ma6cRZsaMZeAGNvuP3qyF2Wf88lyyX7cuqVbIwGkYCyzF6rH-6tpY6KcYoPsCKxs2qEBQQCFSkUFUjcQI70cEFhPgxurHzyodNMqd9-WKXTjMqLBDZjoRa80fXmAp8751cM0C3Rm572QTObGYe6IL_shx99-gbmfbIPGMdqTUTobVgqhujg_AA7rrbiOvd9yIWuTMnaj6X1AxPf4MI_cwVxFCjOypYQWoeT3sKblXjk-Pqy5b_8UtJIFRfIejOJxDUlJAee97vRxXLvKlTtahvcVKmGKme4d7IVDq5Q0tOBdmTqnhDuNqzrT7Gz2wn0RXQ0r9t74YGFzS0XxVaAfNtcKdFP7E2CF5RbH6_oQe7cuHuoWmPATyH_uZP7--40aam4DCEozFUsQVzMuSiZehKRXhto95dkp0E8dstEwARgMIqLDcNElJEdqx9M6uzEMfIRWJojieJd_Mzy1xkcEhrRztC2qSj0J9V02Xtwwu8UwQzBfzx9sNadlDFkuG51BDeyR3p85GkGht6Ynh56jfUZF3r7vgnhI4uBN0FoJPkjydYKNxIm99KkutsBfIJI6Sc9ICTpu0YgA2XWMzjSr_VLeIXyAlE9biAsvaXTf91qj_vpUUpp2dRt63Fb1vgzFMMuBRmFJY-xz43j9_yTs3VrkTgEDzZFSbeG2FoZCK3gkUnMU1zXnfFdCk62ddcjzv-FNUxFuzncQ6OXtXNwhZKQSQkeCB0r0PXP9ZHSisEezbRD1cznL5hjagMrdIKhO1JnalB0gLwbgzgjORBFtlOMhsUeQaD5RErj4dngizduRFEd5UKrpHozULZX72KWj90z71V69WYOrfiGrvQsfK6qGs8mQqpzBZUn7vMDF0kQZZ9mtMNmdW8PbUAM5fs0GnpQqvjlyAat4rEnN3admPLdXdLY5t5DvWzP010f_Y4PkQC2xbiNDIErHWsbvd5S3r7r_91K24q3_YW08qfRlPP2mKrSMikbRJhTzP5A5MgiiBMKDEd6YGlJlYMLBtYJ-JbO5SMmVlC_psO-FmaWsnmWFaBcTbmbQdCkt71CkggkFiP7_0q2sYfYtDj06XyDCE1ZjAtXSg87CkQqO_0QVvVQQU7v7Q-SvM-wARneZ_sATHOXR52rpH_HRZimcJRdwjlNdGYpXHj7lEojZgpB9p8DkI-YAMUolU2U3GulifgzvMNyFSf62Kg3vTC0j5lFMZ9Oec5HMxjAHwtt3FDxjnrokMNfcD6ZHo8qbdA0cfL9P-kaTsl907NyjkswBTUwtJfaZ1Cd7mB742fOrKZa2nFnqe7NlBpfa6Gdu4deHcUoQgLgsVkwiI4IjCXv9IHthFO_78OUY_PnOTcMAohSuck4NcO2H23RmvZ0Ug0R8e047-GGjZZPIerGThXf_QwERPtH2C3jYYISaPLbngQu4y1X_FZs87pMSkVLTIbu6ahCd7I_TXp-P2_yOSgd6FcO28DuaZrExwvl11DRI4WwklG2iswyywe056MYawBbJxL9bV_Aourja69jw-rxXPgmVwPnbD3eCv9rIlr3QyQQhYo0bQ4poit57l0Dklu6fSPrXftKS4t26z9zV_7V5kFuiridb7TPyLcm45z3c_6vMvuc5tBNcjiwsv-64OZKA1CBX-TzZdVvgWaZyxMoiolR9745vK6rcM7uSNPli4r-708nPkSEBJ4LTkIYqE2sfqLX0Td0_66sVpLlKBSX7L9L9VJ3-kqKFL5n2Oq0b0AqPX7dTBPNcZtQE9b4jo1TXm2NugMA4DNHpC7Z-J3cWht7Frujxw5myGpx_rds2-W7bVipNpm5FbgDuNwE6pkNbvQRcGIOoAD0XtNp4CMRUcNs7al8i2Shtk3ds0Jo_N5zkMLUlMlC81nji3sgKvCNkkKqLhucX6QAUQqMeCDNLMjOC1aX6VgDTtsF-cYpxzE_zsYAfIAfLBkUOt1n_Rwo5VGarM3z6qr2_xOj4sAvBJayEctv3ATfafx5Lnwb61jA1XIhLS_9sgrGRYW0W79VhGpPURNuXuC7YFUACJaQ_kANH3RJvVyVgKR-GLyDuXAOweId6eBngSxZ8zTKR0yPUJynOwRc1rbAQGKvs0ZcC0o4f73yQ8kn6zLyk_YIjC7unkQm-kjyDPjr8rJ_Qy74rDATwV63342flrxqzB8DiLDlF33p5g-3RPoEqqu72VT-z3_4Mx0dhVaFBd5UP50J1j3QRxHTkiuQZA36uKTVqSVRkR-LDaTi4Ifsj6a2UNuxOxDAhFTvwH66tAE6Z8wYtRsUM4yEQwOS22oN4WTyhizuKTYqhr5Iy-In3XC9jRVXzjqgeAuX7ZiRMgpSkujUSSSxE3wPzUbqx5t-Az0VUKRxV0I-dqeqvlJ3UWXOG42z199Byf0UCbgBBWvmS0SbJ4wwVd6XdaNl9EvdZl73URhHBd1HX-QD1Pm9ORannoZ1NmHybMcBydR2OD79fI4qvONzexKs4_9M_iQxKAioQjMBhpp85-YVeLWcncPJkwd-cw8X3I54gH1rvy9lCJCZ9Y-DCy2gJomAfWI1OrnKoTzu-3K5Fm9jCn2j7py2NRVLnGuOutN-6dDhtRgDjKy7zbZF6WOXhYjiAxLW0b7z4kHBOFzvtnTI4mXxT-Iu8DWictEj0ZaYX8MkuXVHHUQaHyrZNW6NR13QGBY7IEymPzhyR5FRsTX5sxPY437fOxpHElNXjQEJe5mJ-aNq206s3y4CysSo4Ew48XrskFXOrGrDKUKJbuj04DH_4SuyUnSBxRDZhALRmQtgkfk5Bn-RrQsSsfTGGcc_MHe4BYcDDac1qGcRYY1C0-V88RuvBDLRsXeEJQ3HC9_Cl38HfkVqQ3Qov-4KI-WiJLHN_5P3TOJaxcpECazuhtzMSIfvVFcEglckOpI6s9Y6B_D5WkZq&cid=CAASBORojWk&rfl=1%2Chttps%253A%252F%252Faesencryption.net%252F%240

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e24ee621c9fd260205bcb1764d8f6db8221c9f066b8b0d8cabcdf07d6eb9f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3337 42 B
63 B 66ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChijH-E7oy2-LKiISg9n7piCI4SiwkgQ26LqvMM86KariHwf_hHcYsw8kCuOlOhFeI_8gZgYQdtKe-wgQfFoZYxW6OgmlfD-Ak8XHYvOy2SGYjtqg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 3337 3 KB
1 KB 54ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 10:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 3337 17 KB
7 KB 47ms
45ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:38:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3337 140 KB
44 KB 102ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 10:11:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3337 0
20 B 60ms
60ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20220927&sample=0.01

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 989D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 137b350370ca2d508274f0fb78127b1f2b032062930680f4b5b7af2acdb98083

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 989D 15 KB
15 KB 96ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:39:12 GMT
x-content-type-options: nosniff
age: 163908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 12:39:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 989D 15 KB
16 KB 109ms
53ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 362479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 989D 15 KB
15 KB 80ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:28:47 GMT
x-content-type-options: nosniff
age: 168133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:28:47 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0680
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjFd-mzGfPlXxvIjuu8ze4&google_cver=1

43 B
882 B

124ms
101ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjFd-mzGfPlXxvIjuu8ze4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ9L_SlQIYuOKsvgEwAQ&v=APEucNWruM6UnrSsfsSrbu75_a8ZFSr61CHTGVLGMjuHIQbmtL2FuFaWWzXUw8dNjYdFaU3KEpqXHL3BsEBHmWy_YXlIzUFmWRd5rAmjgJAhtzfM-hQ0Ysi8wcVHJT5rJFCWoLsahC69QdhAlhfrwQJNqWJMJAGme0Ce9DvOu8DSVgqfphmgInU
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVwck5ECfi0v%2FF1KH8onQNFd9bK5eS5ULFb7mwiePfGDokriGLbD8MpIIw3%2F%2BALYHPn%2BmUhQ8tgL3fdRXYB94nAEbGIV6JROZ5otOR1%2F%2BtAJpzpEN7oUEbD34xv1u9M22dw9wzU7lzQ7bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7523eeaafd190e0e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjFd-mzGfPlXxvIjuu8ze4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0680
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzVvNNmb8agDYD4pwnEeAwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBGvFAKgMnmFymN0CvRrk-I&google_cver=1

43 B
848 B

82ms
81ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBGvFAKgMnmFymN0CvRrk-I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ9L_SlQIYuOKsvgEwAQ&v=APEucNWruM6UnrSsfsSrbu75_a8ZFSr61CHTGVLGMjuHIQbmtL2FuFaWWzXUw8dNjYdFaU3KEpqXHL3BsEBHmWy_YXlIzUFmWRd5rAmjgJAhtzfM-hQ0Ysi8wcVHJT5rJFCWoLsahC69QdhAlhfrwQJNqWJMJAGme0Ce9DvOu8DSVgqfphmgInU
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjfoUbaxR%2FtFPfIziMlHAJ%2FX8Q%2BhW0Ncpkf5Pouo2tCiQYfwsW%2FkNOjbVFKC6gHx43i2K%2BNJssXwggC5%2FtzGdOX2gU7YYAEtV23lF%2BheggktHcb2ib%2FQFjK4VqNVJfeTWlgmBS7jIXEv8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7523eeacff3f0e0e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBGvFAKgMnmFymN0CvRrk-I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0680
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELvucUUHCmYaPsjehjAsaPk&google_cver=1

43 B
1020 B

92ms
30ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELvucUUHCmYaPsjehjAsaPk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ9L_SlQIYuOKsvgEwAQ&v=APEucNWruM6UnrSsfsSrbu75_a8ZFSr61CHTGVLGMjuHIQbmtL2FuFaWWzXUw8dNjYdFaU3KEpqXHL3BsEBHmWy_YXlIzUFmWRd5rAmjgJAhtzfM-hQ0Ysi8wcVHJT5rJFCWoLsahC69QdhAlhfrwQJNqWJMJAGme0Ce9DvOu8DSVgqfphmgInU

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 10:11:00 GMT
AN-X-Request-Uuid: ab1ee90e-200e-4bd8-83d7-f7f02c7b77c6
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 192.145.127.216; 192.145.127.216; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELvucUUHCmYaPsjehjAsaPk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0680
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY3MDI5NjU2NzI4OTM2NDkzNA%3D%3D

170 B
188 B

105ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY3MDI5NjU2NzI4OTM2NDkzNA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 10:11:00 GMT
AN-X-Request-Uuid: 57e6d91a-2fb5-4e36-8ecd-9f75f2149e6d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY3MDI5NjU2NzI4OTM2NDkzNA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 192.145.127.216; 192.145.127.216; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/914269/59533523/ Frame 3337 47 KB
12 KB 248ms
54ms Script
application/javascript 63.33.165.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/914269/59533523/skeleton.js?ias_dspID=3&ias_campId=1008425768&ias_pubId=pub-2573594588939938&ias_chanId=1&ias_placementId=17866468688&bidurl=https://aesencryption.net/&ias_dealId=
Requested by: Host: aesencryption.net
URL: https://aesencryption.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a6b191e419424a0ba5b37de1238a23c85feebedf050cfd2d9dfb0993dd40072b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3337 106 KB
38 KB 179ms
40ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Sep 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/ Frame 3337 8 KB
3 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIKhhtOHc008dQAVIAGUTa0pkyEOhUqjk3Jls36wZowgxe2DYyQtNq9f_CFvMOHoVjG3QXliu7weXcgD4NTrZCZriN8Z1cMnn6RF_nOaPw9GFjp0HMkUT0R43XIHholUUMbzd7AfnnMtCV1Ls9qaOZWuoi6YmqeFQz2uDfDA2xll0lQms&dbm_d=AKAmf-BaYLdLsgvTxZ3K6oOKBhzieccYjzFIgrjXLBMAEginTIQF1tqTQVH09tbUUoTPoB3j4wHVMlzdnbqewXtUJXRW6_viCm5KsPurhD1ZtVHcN6CY3SL7Qn4SwjZN8RCc-zXQ8lamiPwUJdedqdXLgTgF3Faq8QD46ma6cRZsaMZeAGNvuP3qyF2Wf88lyyX7cuqVbIwGkYCyzF6rH-6tpY6KcYoPsCKxs2qEBQQCFSkUFUjcQI70cEFhPgxurHzyodNMqd9-WKXTjMqLBDZjoRa80fXmAp8751cM0C3Rm572QTObGYe6IL_shx99-gbmfbIPGMdqTUTobVgqhujg_AA7rrbiOvd9yIWuTMnaj6X1AxPf4MI_cwVxFCjOypYQWoeT3sKblXjk-Pqy5b_8UtJIFRfIejOJxDUlJAee97vRxXLvKlTtahvcVKmGKme4d7IVDq5Q0tOBdmTqnhDuNqzrT7Gz2wn0RXQ0r9t74YGFzS0XxVaAfNtcKdFP7E2CF5RbH6_oQe7cuHuoWmPATyH_uZP7--40aam4DCEozFUsQVzMuSiZehKRXhto95dkp0E8dstEwARgMIqLDcNElJEdqx9M6uzEMfIRWJojieJd_Mzy1xkcEhrRztC2qSj0J9V02Xtwwu8UwQzBfzx9sNadlDFkuG51BDeyR3p85GkGht6Ynh56jfUZF3r7vgnhI4uBN0FoJPkjydYKNxIm99KkutsBfIJI6Sc9ICTpu0YgA2XWMzjSr_VLeIXyAlE9biAsvaXTf91qj_vpUUpp2dRt63Fb1vgzFMMuBRmFJY-xz43j9_yTs3VrkTgEDzZFSbeG2FoZCK3gkUnMU1zXnfFdCk62ddcjzv-FNUxFuzncQ6OXtXNwhZKQSQkeCB0r0PXP9ZHSisEezbRD1cznL5hjagMrdIKhO1JnalB0gLwbgzgjORBFtlOMhsUeQaD5RErj4dngizduRFEd5UKrpHozULZX72KWj90z71V69WYOrfiGrvQsfK6qGs8mQqpzBZUn7vMDF0kQZZ9mtMNmdW8PbUAM5fs0GnpQqvjlyAat4rEnN3admPLdXdLY5t5DvWzP010f_Y4PkQC2xbiNDIErHWsbvd5S3r7r_91K24q3_YW08qfRlPP2mKrSMikbRJhTzP5A5MgiiBMKDEd6YGlJlYMLBtYJ-JbO5SMmVlC_psO-FmaWsnmWFaBcTbmbQdCkt71CkggkFiP7_0q2sYfYtDj06XyDCE1ZjAtXSg87CkQqO_0QVvVQQU7v7Q-SvM-wARneZ_sATHOXR52rpH_HRZimcJRdwjlNdGYpXHj7lEojZgpB9p8DkI-YAMUolU2U3GulifgzvMNyFSf62Kg3vTC0j5lFMZ9Oec5HMxjAHwtt3FDxjnrokMNfcD6ZHo8qbdA0cfL9P-kaTsl907NyjkswBTUwtJfaZ1Cd7mB742fOrKZa2nFnqe7NlBpfa6Gdu4deHcUoQgLgsVkwiI4IjCXv9IHthFO_78OUY_PnOTcMAohSuck4NcO2H23RmvZ0Ug0R8e047-GGjZZPIerGThXf_QwERPtH2C3jYYISaPLbngQu4y1X_FZs87pMSkVLTIbu6ahCd7I_TXp-P2_yOSgd6FcO28DuaZrExwvl11DRI4WwklG2iswyywe056MYawBbJxL9bV_Aourja69jw-rxXPgmVwPnbD3eCv9rIlr3QyQQhYo0bQ4poit57l0Dklu6fSPrXftKS4t26z9zV_7V5kFuiridb7TPyLcm45z3c_6vMvuc5tBNcjiwsv-64OZKA1CBX-TzZdVvgWaZyxMoiolR9745vK6rcM7uSNPli4r-708nPkSEBJ4LTkIYqE2sfqLX0Td0_66sVpLlKBSX7L9L9VJ3-kqKFL5n2Oq0b0AqPX7dTBPNcZtQE9b4jo1TXm2NugMA4DNHpC7Z-J3cWht7Frujxw5myGpx_rds2-W7bVipNpm5FbgDuNwE6pkNbvQRcGIOoAD0XtNp4CMRUcNs7al8i2Shtk3ds0Jo_N5zkMLUlMlC81nji3sgKvCNkkKqLhucX6QAUQqMeCDNLMjOC1aX6VgDTtsF-cYpxzE_zsYAfIAfLBkUOt1n_Rwo5VGarM3z6qr2_xOj4sAvBJayEctv3ATfafx5Lnwb61jA1XIhLS_9sgrGRYW0W79VhGpPURNuXuC7YFUACJaQ_kANH3RJvVyVgKR-GLyDuXAOweId6eBngSxZ8zTKR0yPUJynOwRc1rbAQGKvs0ZcC0o4f73yQ8kn6zLyk_YIjC7unkQm-kjyDPjr8rJ_Qy74rDATwV63342flrxqzB8DiLDlF33p5g-3RPoEqqu72VT-z3_4Mx0dhVaFBd5UP50J1j3QRxHTkiuQZA36uKTVqSVRkR-LDaTi4Ifsj6a2UNuxOxDAhFTvwH66tAE6Z8wYtRsUM4yEQwOS22oN4WTyhizuKTYqhr5Iy-In3XC9jRVXzjqgeAuX7ZiRMgpSkujUSSSxE3wPzUbqx5t-Az0VUKRxV0I-dqeqvlJ3UWXOG42z199Byf0UCbgBBWvmS0SbJ4wwVd6XdaNl9EvdZl73URhHBd1HX-QD1Pm9ORannoZ1NmHybMcBydR2OD79fI4qvONzexKs4_9M_iQxKAioQjMBhpp85-YVeLWcncPJkwd-cw8X3I54gH1rvy9lCJCZ9Y-DCy2gJomAfWI1OrnKoTzu-3K5Fm9jCn2j7py2NRVLnGuOutN-6dDhtRgDjKy7zbZF6WOXhYjiAxLW0b7z4kHBOFzvtnTI4mXxT-Iu8DWictEj0ZaYX8MkuXVHHUQaHyrZNW6NR13QGBY7IEymPzhyR5FRsTX5sxPY437fOxpHElNXjQEJe5mJ-aNq206s3y4CysSo4Ew48XrskFXOrGrDKUKJbuj04DH_4SuyUnSBxRDZhALRmQtgkfk5Bn-RrQsSsfTGGcc_MHe4BYcDDac1qGcRYY1C0-V88RuvBDLRsXeEJQ3HC9_Cl38HfkVqQ3Qov-4KI-WiJLHN_5P3TOJaxcpECazuhtzMSIfvVFcEglckOpI6s9Y6B_D5WkZq&cid=CAASBORojWk&rfl=1%2Chttps%253A%252F%252Faesencryption.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:59:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:59:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 3337 30 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 10:07:26 GMT

GET
H3 200 de17d2874496eb5aa5ae962212bd52f2.js Show response
www.gstatic.com/mysidia/ Frame F281 10 KB
4 KB 92ms
37ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de17d2874496eb5aa5ae962212bd52f2.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0658601ec218af17ef062c0a57a3fb492033a478223a053975eeae25f87e275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4282
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:12:15 GMT

GET
H3 200 777fc5017be2667dfa3342e80487738c.js Show response
www.gstatic.com/mysidia/ Frame F281 9 KB
4 KB 91ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/777fc5017be2667dfa3342e80487738c.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61ec44fbbd088b972ab66ef50a82b823987fd26165376b25eb0f6eb3321abbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4259
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 07:09:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:14:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F281 8 KB
895 B 41ms
37ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 09:05:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 10:11:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3337 41 KB
15 KB 143ms
53ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F281 2 KB
902 B 52ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:13:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame F281 23 KB
9 KB 64ms
41ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F281 3 KB
1 KB 54ms
49ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:13:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F281 17 KB
7 KB 71ms
49ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:12:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F281 140 KB
44 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 10:11:00 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame F281 32 KB
13 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 20:56:50 GMT

GET
DATA 200
OK truncated
/ Frame 3337 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d734672f941caed0316ee7bf430678f15a0aeb4bd39444876fdc503bba7e35a9

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 400C 36 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:32:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F281 0
0 96ms
86ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6QcMNG81Y8vsHIuV7AOnubaACY2im6ds4fjv4vQPwI23ARABIN6xhgtg_YKRhOgRoAGKuqHOAcgBAagDAcgDwwSqBOgBT9CF0KZYInwACQT-KAQIw-74EJG722AQc0PwO_B7BJETdE1mKcbqAkeQ_z2EDsVtxlGYkYUuBXuvfBZDe773tQ-bqBwmVRwR17F5WjPxrdty2qARFzCisIZPfSIXOhHFoFzv0WKDujZ-M7pdNJn8QLqNuBzy5FCIOXfT6WMyiCwZKBqXbaSFBSxd-ZABllEKMttMjpvT2lg5Fj_1Ws0v7iiU9mTysFCj3f-OfRqRAaV4222MOkqxY5Xm_fbNMEMRgGZibfVd66ym8ixEw8tBxjDazjXXAZbxgE5wK25sTPblHuGLyi1rHMAEr5_s9_gDkgUECAQYAZIFBAgFGASgBlGAB97F3rECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3LgB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMjU3MzU5NDU4ODkzOTkzOBgA&sigh=TdYtLB78ucY&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 10:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9BDE 6 KB
672 B 40ms
39ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 10:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 09:02:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 10:11:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 9BDE 2 KB
902 B 44ms
43ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:13:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 9BDE 23 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 9BDE 3 KB
1 KB 46ms
44ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:13:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 9BDE 17 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:12:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9BDE 0
0 97ms
34ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIRyg_clWtLL7KNHHagPCssCm_hB6Z-jMbANNjD89w6w3xlfudI5-Iv_m-cB5NLJD1G0CLISsIegOYrFy51bLw5P22EA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BDE 140 KB
44 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 10:11:01 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 9BDE 32 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 20:56:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9BDE 0
0 88ms
85ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJFenNG81Y97GHMCIiM0Pvu2J8ALtlLXwYcD3-ayJDNnZHhABIN6xhgtg_YKRhOgRoAG7zdq6AsgBCakCVhpGor46sD6oAwHIA8sEqgTjAU_Qrv7T19xaYUHxKWBGNWI-ohKQCkY55obDtspUDPVsRLPCOB1AWMIg1WAglJGUTGf7B5AOFC_ntUAQlw_fUSK3674_4itdtTKrXds16gcCch2PdLeyDs-thefT-kxC6jXndlTt-4CTO9lbcoFy8b7DiAfoFhDKW8LnXJA0gNwVi80O3xGNyiOUNrbudJFPRlfHDIYECg_TuTEQYgNlXcTlEfDoCgRAhpyhP91Zs61eQdM15pPeOteHhTgKZKEWRm2iC0DWQ_JZgJ1TkmFTf-VlQ0q3JGyiLMxEQi8d38bON6t8wAShp7TahgOSBQQIBBgBkgUECAUYBKAGLoAHrbKlxQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDztQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItMjU3MzU5NDU4ODkzOTkzOBgA&sigh=OABMPiwO81s&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 10:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14782425995301463850/ Frame 9BDE 9 KB
9 KB 40ms
40ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14782425995301463850/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5081101e5d86fbcc98b734678b34720e8a62b9c20b44b8b39a104c45c635927d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:14:52 GMT
x-content-type-options: nosniff
age: 284169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9696
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 11:02:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Sep 2023 03:14:52 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1963351420149199052/ Frame 9BDE 4 KB
4 KB 43ms
43ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1963351420149199052/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac141c68e9774676d997532a32ba53d347dfa5e60ced701dbdacfa9da570e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:00:17 GMT
x-content-type-options: nosniff
age: 285044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3879
x-xss-protection: 0
last-modified: Thu, 26 May 2022 07:20:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Sep 2023 03:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0B17 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 2039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:37:02 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 541A 1 KB
749 B 26ms
25ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 82186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 11:21:15 GMT
etag: 48472445140208031
expires: Thu, 29 Sep 2022 11:21:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FDB0 22 KB
8 KB 43ms
40ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 9973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:24:48 GMT
expires: Fri, 29 Sep 2023 07:24:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F281 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f22ca2840357a6499f1bbe09e6435ad87d74b194164bf28e9dabc6c02449ce51

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 02_Nespresso_Easy_Prospect_728x90.html Show response
s0.2mdn.net/sadbundle/5448102453019561976/ Frame 2DC3 6 KB
2 KB 129ms
40ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cd92faa5c9c2053d646e27d7d123acb627cbcb25e1357ecb65d58ec54e1e8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 94986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2332
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 07:47:55 GMT
expires: Thu, 28 Sep 2023 07:47:55 GMT
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3337 0
622 B 156ms
76ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXfWDoNQzKEZItDMlyuE_dMWFxw3WdutrMdCagw4MQhOpNy35Mf2hZuX2jgfeYCm9P46wGvJhW3TsGzVb7i9HwxNxUDinXpYXjR38uKLnr8JCSuAuZ0JXlza1CSITyvjHrVT_B9v1y6bWCgSpw9GOPg7MrovpW2DJ0NrpzHjz59srlUlN2ZnUosqDHpW7jQ79593OS3zLT07Dg4DFGsSAXvnP_NR55pSiDYvNRmfxg4aR4Vj-i8kBD6UtcgcFqcZ8ogGiwYBPiw-5gQ1pAf4qrjtvWsOg6HiI9FMVgXoXpmooR-IGCKDAfOCg_5_BMkJGnarYXlgkxbFwjhY3Z3J8RuISHtAVvTbv44qTpQhNCDltZ13PgPYPRp04ggerWqxQFiBEVNZhDJr24-6NzmdSnI35UaT5Sodm2t27GW4O1u_Sq0mFTM3MuwJPjG4qd5hLY80RgINgC5k6SfcAgcr3ycNDRfL5EM3L5ed3w6SoUNvaXcGqWqzK4doiSXAtn-hjhJptPaKUlLS4w2wq1Dn3WyACHPJYqwPrBK8RNIwn94nb5_0jKbOAsUXfor0mkK8UfSd_k7sKE67n4Hp8-0UbfCVnbZBqIWgyMj2hMkw5p9zUR5S4y7KDRkHrrEFN48kx3SuvmR7VHAfmiPd4ZDGe7uxeYfVVNaP4p1Jn3yBHFTEBFGHyvjvYc7sp894hV_98xWRzWuYgwHkq7N2QUMpGiaEjojeCPZ39KwAQinUYliwU866NhKWqN8ckNQWVCOJDj3dFo7XYShVcqRQljklzlCYMKXS-2lt-4HQVpVla2regmDuvh5M6nMYqiLxx3P1XK0ODaR0aixOaS91G011BuYo9makodyhAeIB__hVE77WffZfLMYHPbZhNyoouu-v_1McNPfT_3VGL4Ty1Xy1o5Sof6VbKJbGmMV88W6gBloZZZ6A8JsININBjW6tb1z2OoOeT-liTLBTHQ7b6o8D5JUsoxAAXKw7V2KKuZdlm28cguwnSZHRV8bvr7WZZje1hnUzYxmcSmKAaZkQEFGYjRJOWqKMNCfB4QNHRyW0LPX1KuvrJzsIe9ueI8_5mcH41ySIsCsxNQJQ_8mwPAol9-6L4MIZcIWE0slL0luT5j03XI3ur_t7zFzNEBx4YVPusJfJQzd77AkzD6GyfwjdYfm3QfziMPgQMgIJrMN4qyAn0WkfbdlNtGE2dJP3_AQeHdDtqVIt8Qd29EKwqH9fMpe7ViurwtkO8IAZjpuCY&sai=AMfl-YRf2EbzBV47VddwxNbFyhCxzuYAyExgA1ZsQ2lCpRvTmqXOXqrCQgCagCQ74gXy8Smhv4kGxGHN9w3GTg794EMqnVO_R4ZR1rwcnFlJwR-mMGqXPWG9B7IfTpFgtXU9blOms8Y&sig=Cg0ArKJSzJsqcdsljyYPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=478&cbvp=1&cstd=472&cisv=r20220927.22596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 10:11:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 main.19.8.353.js Show response
static.adsafeprotected.com/ Frame 3337 194 KB
60 KB 110ms
29ms Script
application/javascript 2600:9000:2491:c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.353.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/914269/59533523/skeleton.js?ias_dspID=3&ias_campId=1008425768&ias_pubId=pub-2573594588939938&ias_chanId=1&ias_placementId=17866468688&bidurl=https://aesencryption.net/&ias_dealId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ea2340413e985d6822772ae18662cccd19b911fb7ce2a43b3c85bcc9001acc5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:45:53 GMT
x-amz-version-id: 1Z36T6o6k8e3vPmdb1canJE8cWkrgUoe
content-encoding: gzip
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 62708
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 15:57:16 GMT
server: AmazonS3
etag: W/"7376f82218abde1fb9e5d07b89fef3d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: oi59nSKhApxr6v0dKRr84bm3czdpJ1kP2qCdbiKf7Q_9VThRo8ta2w==

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F281 28 KB
28 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 91577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 08:44:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C4F3 1 KB
749 B 28ms
25ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 82186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 11:21:15 GMT
etag: 48472445140208031
expires: Thu, 29 Sep 2022 11:21:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9BDE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf38594b6b0f3b0ccac153a6ecfb572a6318e236fc9e14a50b3fa704b92f4150

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 541A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAz8Sn7sELiaU4csUow5048&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHZzcmQyZnQxT0RRdnI1&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cver=1&google_push=AZmPxg9hjRlwIbyiSCiHFCZGZR7dGK6TM_xpVepJxnSGxy4...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHZzcmQyZnQxT0RRdnI1&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cver=1&google_push=AZmPxg9hjRlwIbyiSCiHFCZGZR7dGK6TM_xpVepJxnSGxy4F5NY_zp7XwlQn1AIpL113rO0JrBJCiVVv8eE4ydwhCoE3KPqgZbceKFg

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 10:11:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHZzcmQyZnQxT0RRdnI1&google_gid=CAESEAz8Sn7sELiaU4csUow5048&google_cver=1&google_push=AZmPxg9hjRlwIbyiSCiHFCZGZR7dGK6TM_xpVepJxnSGxy4F5NY_zp7XwlQn1AIpL113rO0JrBJCiVVv8eE4ydwhCoE3KPqgZbceKFg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 541A 70 B
265 B 171ms
51ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEZupICLx1k1IBjLe2EDTUo&google_cver=1&google_push=AZmPxg-iPxd0io_fq9P5swv3CnKB-coOptAAWVk7vTNgu0HMPp_ZBWEMU-4W4Ldb0iRc27PeG3DdCCHYdgEt8qp8V4yzu5eDEfez-b0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 541A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGJOuNQRuKvAKa4p4OEPqVk&google_cver=1&google_push=AZmPxg-JfVGF1abvp3k4Qk-WKD7aXgj9TJrAKPEIp-SgiDXDW7mbKvWeyVet01mKiqEtS8lL0YzP46hDkM2hEcJ9FyHegRNuytL4wOM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-JfVGF1abvp3k4Qk-WKD7aXgj9TJrAKPEIp-SgiDXDW7mbKvWeyVet01mKiqEtS8lL0YzP46hDkM2hEcJ9FyHegRNuytL4wOM&google_hm=Q0FFU0VHSk91TlFSdU...

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-JfVGF1abvp3k4Qk-WKD7aXgj9TJrAKPEIp-SgiDXDW7mbKvWeyVet01mKiqEtS8lL0YzP46hDkM2hEcJ9FyHegRNuytL4wOM&google_hm=Q0FFU0VHSk91TlFSdUt2QUthNHA0T0VQcVZr

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 10:11:01 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-JfVGF1abvp3k4Qk-WKD7aXgj9TJrAKPEIp-SgiDXDW7mbKvWeyVet01mKiqEtS8lL0YzP46hDkM2hEcJ9FyHegRNuytL4wOM&google_hm=Q0FFU0VHSk91TlFSdUt2QUthNHA0T0VQcVZr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 541A 43 B
356 B 101ms
34ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPm_E6W_DPSLDD49-xhRn4g&google_push=AZmPxg_3AQ2vXJcimbSCE-PYI-9h1p_RBGBT1mZgQwmMPokXrsOEZ9cYrBeAsdSH957F6yiG8Q9q8jGokmHeDmGdiwAZrmcQ_MQwxLM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 541A 43 B
295 B 237ms
54ms Image
image/gif 2a05:d01c:1d8:8100:48cc:fe26:1b0:de7a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHFp-RWzmBop_jgk9GUSgPg&google_cver=1&google_push=AZmPxg_SMxtyQ8Q1WdoYcyiNwvaqIcnBLZ2AHy0MuxlVpQ3YycRFRBGYJxlyxaigSb7QSWgp6_sUkxpKIkn8qTNNtlIkr_ZbnoArJZU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=1319233321&adf=3235933448&pi=t.aa~a.632436594~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&rafmt=1&to=qs&pwprc=9935697718&psa=0&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1716&idt=2&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0%2C1170x280&nras=3&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=YpAPiwjy65&p=https%3A//aesencryption.net&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:48cc:fe26:1b0:de7a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 541A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBSEPYLWLmHkHlfM-leRwUE&google_cver=1&google_push=AZmPxg99LP_pPvevK_O2J28zjtypYTDKSHYJMF1HjtvYuAgEWzKKTVMis-mheyYl-YCiri2oIIF8ErWPix59...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg99LP_pPvevK_O2J28zjtypYTDKSHYJMF1HjtvYuAgEWzKKTVMis-mheyYl-YCiri2oIIF8ErWPix59ZTkESL9EqEGFKa2TPg

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg99LP_pPvevK_O2J28zjtypYTDKSHYJMF1HjtvYuAgEWzKKTVMis-mheyYl-YCiri2oIIF8ErWPix59ZTkESL9EqEGFKa2TPg

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg99LP_pPvevK_O2J28zjtypYTDKSHYJMF1HjtvYuAgEWzKKTVMis-mheyYl-YCiri2oIIF8ErWPix59ZTkESL9EqEGFKa2TPg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 541A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBSEPYLWLmHkHlfM-leRwUE&google_cver=1&google_push=AZmPxg93Cfzy__Pah4hgXlFFBOcHQ-z9M7v7p0sXUxK0CEAIJaXTOkrnlEUaE6uDdQZwy2BOAIiw6D0FjgE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg93Cfzy__Pah4hgXlFFBOcHQ-z9M7v7p0sXUxK0CEAIJaXTOkrnlEUaE6uDdQZwy2BOAIiw6D0FjgEYr7X_VTHZtNN0xLzqYMiJ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

28ms
28ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 541A 0
12 B 40ms
39ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwINSbPxvL-bHBexe4P0N9aX172cqfnm6y_07V6llXM2EvDwKDhzNGkcNWiF2jFmlCgRVH3A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9BDE 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:39:12 GMT
x-content-type-options: nosniff
age: 163909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 12:39:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9BDE 15 KB
16 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 362480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9BDE 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:28:47 GMT
x-content-type-options: nosniff
age: 168134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:28:47 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2DC3 236 KB
63 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 10:11:01 GMT

GET
H3 200 02_Nespresso_Easy_Prospect_728x90.js Show response
s0.2mdn.net/sadbundle/5448102453019561976/ Frame 2DC3 64 KB
12 KB 41ms
40ms Script
application/x-javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7599928d8b068cc8ce048900930a19c72bbc4b9e903f66dbe00ca81b7aeb767e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 20:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12235
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 20:06:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0B17
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

89ms
88ms

Document
text/html

2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 10:11:01 GMT
expires: Thu, 29 Sep 2022 10:11:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 10:11:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame C72D 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:32:53 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame FDB0 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:32:53 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C4F3 35 B
463 B 100ms
30ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMkrmZ7ZpnZtyzxeNQsTxbU&google_cver=1&google_push=AZmPxg-pJTli9dzqd_vA2MEnV2Y5kjHGB05pyUN2TZG1OKGdvjFDuGOfxsOpfOfJMHX29qaryFweicVFt9X0hJoIC15_oA7vaOVl

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4F3
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8xVIy7VFv67B7bm4RNx5Ee0JhmjYeV1YLbT1ve6Ic7KgnBYTxATEW_Y5O8rhJy-_wCJ5wOCM9Hgd4YciMeDWx8Wa1yVXU&google_gid=CAESENH0_b2qHxDtuDr-3yrxCbk&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLXe1ZkGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGc4eFZJeTdWRnY2N0I3Ym00Uk54NUVlMEpobWpZZVYxWUxiVDF2ZTZJYzdLZ25CWVR4QVRFV19ZNU84cmhKeS1fd0NKNXdPQ005SGdkNFljaU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdkJqMTdXTE5EbDlfN3l5ZlE1cWhSQkVxWk82MDJtTkExMFh0S3pGbTU4Zw==&google_push

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdkJqMTdXTE5EbDlfN3l5ZlE1cWhSQkVxWk82MDJtTkExMFh0S3pGbTU4Zw==&google_push

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Sep 2022 10:11:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdkJqMTdXTE5EbDlfN3l5ZlE1cWhSQkVxWk82MDJtTkExMFh0S3pGbTU4Zw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C4F3 43 B
106 B 38ms
34ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECmKY65Iz7eJcMxSW8OQnzU&google_push=AZmPxg9nOnR-Tc7fQ2wLvCMoasyDfj3pFVwe6xMqBxBwOon09S8t0Ruz3m5kSTo4HUW4HXuUshxe1iFALlq7ZJ--xfxOWdrF80k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C4F3 43 B
351 B 79ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIjZ8_v5L7Q5xZDZBfbs5_8&google_cver=1&google_push=AZmPxg9WFi6W0qYicH2gdw6z1381LmDgvlNTaXKWGv0u1SUdV7ebW7CHz5eeoFJocN3PAurtLGwGIpuDFNPJKk19qEQjge6Ko9Ho
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:00 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: e0f7pdeqpneqjfq1m2nr8urm62gd5h9q

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C4F3 0
166 B 381ms
32ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB-itrrtcGJ-PpsGkThViYA&google_cver=1&google_push=AZmPxg-4x9lXNz6-aF-l1VwJIKRo9jJHHhJyUN9sLS5207Ysn6B0cpMPaWY-b-mDDLIiWZCO66pJI5V1MehZESV1yVoDDXz11i7L
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2573594588939938&output=html&h=280&adk=3900167860&adf=326456670&pi=t.aa~a.2310277653~i.10~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1664446260&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9935697718&psa=0&ad_type=text_image&format=1170x280&url=https%3A%2F%2Faesencryption.net%2F&fwr=0&pra=3&rh=200&rw=1170&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664446260333&bpp=2&bdt=1715&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0675c1ca7f467e39-22ed03b732ce00b5%3AT%3D1664446259%3ART%3D1664446259%3AS%3DALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w&prev_fmts=1130x280%2C0x0&nras=2&correlator=4905973425307&frm=20&pv=1&ga_vid=2057108271.1664446259&ga_sid=1664446260&ga_hid=1403744180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705&oid=2&pvsid=3529144704433742&tmod=1953626243&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=SixYygH2dw&p=https%3A//aesencryption.net&dtd=80
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 29 Sep 2022 10:11:01 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4F3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED1en2zcg7qKB_YBM7bmw_g&google_cver=1&google_push=AZmPxg8bgEsoI1vnbR-qLSXSRoORSMjytVReL29fCD3rTr9bXbZGDRBMDJDOndcGsDgsLAoxcrR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNV0JVWE4tMTMtMkpD&google_push=AZmPxg8bgEsoI1vnbR-qLSXSRoORSMjytVReL29fCD3rTr9bXbZGDRBMDJDOndcGsDgsLAoxcrRCfgKGtBhFlW7FXhgZB63Ad_3q

170 B
188 B

39ms
38ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNV0JVWE4tMTMtMkpD&google_push=AZmPxg8bgEsoI1vnbR-qLSXSRoORSMjytVReL29fCD3rTr9bXbZGDRBMDJDOndcGsDgsLAoxcrRCfgKGtBhFlW7FXhgZB63Ad_3q

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNV0JVWE4tMTMtMkpD&google_push=AZmPxg8bgEsoI1vnbR-qLSXSRoORSMjytVReL29fCD3rTr9bXbZGDRBMDJDOndcGsDgsLAoxcrRCfgKGtBhFlW7FXhgZB63Ad_3q
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4F3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPBbMMjntz5_qyENLm1_qpI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBbMMjntz5_qyENLm1_qpI&google_hm=YzVvNNmb8agDYD4pwnEeAwAAEUEAAAIB&google_nid=index&google_push=AZmPxg-eEJ2T5th7jf_qWaFQQUaJ2LxiR2INO...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBbMMjntz5_qyENLm1_qpI&google_hm=YzVvNNmb8agDYD4pwnEeAwAAEUEAAAIB&google_nid=index&google_push=AZmPxg-eEJ2T5th7jf_qWaFQQUaJ2LxiR2INO1bQ8XEBEXSyFRQ-JLZyajkj59ptOx4mMdC3atrsAmESQ7IDdRlIcH_ZhMqWfLkq

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6O%2Bz9F8pSbA57Plxqxz7JYFfHQOTF9Cvfuoel8AzlhHCUOcHMmf8%2BRn1hhsIQhkzx6Fj%2B5ZIY6tT9G0WitWPExNQ5dmIoZUzjKg270ZBjNzWEpUJyCh1dmQ%2BF0%2FS2kvXtFwTMz4du2xkyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBbMMjntz5_qyENLm1_qpI&google_hm=YzVvNNmb8agDYD4pwnEeAwAAEUEAAAIB&google_nid=index&google_push=AZmPxg-eEJ2T5th7jf_qWaFQQUaJ2LxiR2INO1bQ8XEBEXSyFRQ-JLZyajkj59ptOx4mMdC3atrsAmESQ7IDdRlIcH_ZhMqWfLkq
cache-control: no-cache
cf-ray: 7523eeae9ba3bb11-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C4F3 0
12 B 38ms
36ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkL_56F3t_aezOuzd-yCGem64NmcvsJ6QijfzCRLkRoRbsoRDXqYSW2K8K7QRBzSdYQVab

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame E105 36 KB
16 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:32:53 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 3337
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/914269/59533523/skeleton.js?ias_dspID=3&ias_campId=1008425768&ias_pubId=pub-2573594588939938&ias_chanId=1&ias_placementId=17866468688&bidurl=https://aesencrypt...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

25ms
25ms

Script
application/javascript

2600:9000:2491:c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:2491:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 19512778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: DUaGcEz_Bp47lM5hHO8VHT-GtPlXphDZlM5Ro7-XLU-h--yyd6dQow==

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame E19A 91 KB
23 KB 27ms
27ms Script
application/javascript 2600:9000:2491:c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 671685
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: J9kb-vYuhSOSbTDDF0wo417lcvlBug87VXQykZgLKYZYn0rUTerb6A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 390ms
111ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gof,pingTime:-3,time:300,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:264%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:300,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:0,renddet:na,siq:266%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 387ms
112ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4goh,pingTime:-6,time:302,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:302,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:0,renddet:na,siq:266%7D&tpiLookup=ao:aesencryption.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 284ms
112ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gpZ,pingTime:-2,time:408,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:755,beZ:758,mfA:993,cmA:996,inA:996,inZ:1003,prA:1003,prZ:1011,si:1020,poA:1022,poZ:1041,cmZ:1041,mfZ:1041,loA:1057,loZ:1061,ltA:1162,ltZ:1162,mdA:760,mdZ:903%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:264%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:408,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B164~0%5D,as:%5B164~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:266,sinceFw:140,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 26 KB
26 KB 40ms
40ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/bg1.jpg?1649601158589

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad7d71184aef725d57bfba04c3e425aaa1a24090dd457cb9665da4488557fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:47:55 GMT
x-content-type-options: nosniff
age: 94986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26582
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 07:47:55 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3337 0
26 B 147ms
74ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXfWDoNQzKEZItDMlyuE_dMWFxw3WdutrMdCagw4MQhOpNy35Mf2hZuX2jgfeYCm9P46wGvJhW3TsGzVb7i9HwxNxUDinXpYXjR38uKLnr8JCSuAuZ0JXlza1CSITyvjHrVT_B9v1y6bWCgSpw9GOPg7MrovpW2DJ0NrpzHjz59srlUlN2ZnUosqDHpW7jQ79593OS3zLT07Dg4DFGsSAXvnP_NR55pSiDYvNRmfxg4aR4Vj-i8kBD6UtcgcFqcZ8ogGiwYBPiw-5gQ1pAf4qrjtvWsOg6HiI9FMVgXoXpmooR-IGCKDAfOCg_5_BMkJGnarYXlgkxbFwjhY3Z3J8RuISHtAVvTbv44qTpQhNCDltZ13PgPYPRp04ggerWqxQFiBEVNZhDJr24-6NzmdSnI35UaT5Sodm2t27GW4O1u_Sq0mFTM3MuwJPjG4qd5hLY80RgINgC5k6SfcAgcr3ycNDRfL5EM3L5ed3w6SoUNvaXcGqWqzK4doiSXAtn-hjhJptPaKUlLS4w2wq1Dn3WyACHPJYqwPrBK8RNIwn94nb5_0jKbOAsUXfor0mkK8UfSd_k7sKE67n4Hp8-0UbfCVnbZBqIWgyMj2hMkw5p9zUR5S4y7KDRkHrrEFN48kx3SuvmR7VHAfmiPd4ZDGe7uxeYfVVNaP4p1Jn3yBHFTEBFGHyvjvYc7sp894hV_98xWRzWuYgwHkq7N2QUMpGiaEjojeCPZ39KwAQinUYliwU866NhKWqN8ckNQWVCOJDj3dFo7XYShVcqRQljklzlCYMKXS-2lt-4HQVpVla2regmDuvh5M6nMYqiLxx3P1XK0ODaR0aixOaS91G011BuYo9makodyhAeIB__hVE77WffZfLMYHPbZhNyoouu-v_1McNPfT_3VGL4Ty1Xy1o5Sof6VbKJbGmMV88W6gBloZZZ6A8JsININBjW6tb1z2OoOeT-liTLBTHQ7b6o8D5JUsoxAAXKw7V2KKuZdlm28cguwnSZHRV8bvr7WZZje1hnUzYxmcSmKAaZkQEFGYjRJOWqKMNCfB4QNHRyW0LPX1KuvrJzsIe9ueI8_5mcH41ySIsCsxNQJQ_8mwPAol9-6L4MIZcIWE0slL0luT5j03XI3ur_t7zFzNEBx4YVPusJfJQzd77AkzD6GyfwjdYfm3QfziMPgQMgIJrMN4qyAn0WkfbdlNtGE2dJP3_AQeHdDtqVIt8Qd29EKwqH9fMpe7ViurwtkO8IAZjpuCY&sai=AMfl-YRf2EbzBV47VddwxNbFyhCxzuYAyExgA1ZsQ2lCpRvTmqXOXqrCQgCagCQ74gXy8Smhv4kGxGHN9w3GTg794EMqnVO_R4ZR1rwcnFlJwR-mMGqXPWG9B7IfTpFgtXU9blOms8Y&sig=Cg0ArKJSzJsqcdsljyYPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=968&vt=11&dtpt=490&dett=3&cstd=472&cisv=r20220927.22596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: aesencryption.net
URL: https://aesencryption.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 9 KB
10 KB 40ms
39ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/bg2.jpg?1649601158589

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d55ec3b117895ee75cfd31ffc35a58b183b8478e5f097840dbec83e6a38ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:16:53 GMT
x-content-type-options: nosniff
age: 352448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9714
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 08:16:53 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
216 B 151ms
111ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gs6,time:539,type:e,im:%7Bpci:%7Btdr:234%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:539,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B295~0%5D,as:%5B295~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:266,sis:500%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB0 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bctk4NG81Y9GbJ8ii9u8Pw7OfmAcAAAAAOAHgBAI&bg=!urmluf3NAAYIxsuQKMY7ACkAdvg8WvXMohFkqQevtBne39dWDv7r_DlH6WB-ePXZzYaAP48Jeuq4fQIAAAC4UgAAAAJoAQeZAslqaKfB3PqMBLBh__-jNoFE0sYmOUOaqWfbfeqnuwFfKnJGn9QNxdQuNN-jDwNFOE3YvX6JuUlCBOGwycvgonlfru21rxZATqgnEw1ss2JnVR0y_wKy3MWK6LH69MWtg2chWp3FQxqkjJVXSQfWX3rLUnKdGbcSgl9Fvv-phHcZcyvamafXQ8XzwUQz1Lx9vkEV8AhJRdQChY926eyluqIiW5nHBiKHjn7-WiUyqdNuLhsZqzqtkYqVu7-snIgrEtulQCaLWFk3um8Bi-fYJUuCkg6xWYt4abeajoizVK7iCaOCSdA5EHFaoreJDPLrJxW-1euRZ_q-po4QgPfWbKL9oeoZjYM59S5HOBt9DwNbBw99awAdlVK1xYQtuKzdzS831_q29UFLfreDXG0ypS65cvRYpck5bMIF86R5aEO9GnJ0a427RBobloZgLCW-fTqw1lHE9Kk_U9oKMLI4I3fVfws7RcwB6tUsemENnstCloaaL6zimc8T6obK6AWnTkJli0W3v6B9-AoxOoRRY1ZS91v8v85jsqtOIK8xoX4m7PBqyduTvfJyuVCp4s3uJLxPh8n7Gr2rFVUc5qvd4DXE0gAUwArCzj97m3buW10xZrgSP_XUnS6m0fzW9AHOd3fq-_3N5Kkcf0rBxJimHByuk0Bfu-EciCTdMRsV9UNlGGz4rDUItCbN9FOK-IOdfsAQZzLXN_0e8hOlNzEfqIuhPE03bsx2un0-0WHmXFm52XuPApa3h2Gy3rM-J-DR8V5Xi_OthpTppCn9CyDyFRA9pbTV-fuauK4sJFBJ3JyMaXSGV5Xi2NEQvmyGG1OLj6vgbsEVJ_eJ0D7ymscqKx77E5Mau-sZ6MsPRyeSRMA-Hi1orkWeB4Bdh_XdGXWBmZYSDwJRSgRRQCc1bsNZ9UOaJClIHf31v-5oMH_ECCqZzUzHzENohvoVIA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 28 KB
28 KB 40ms
39ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/bg3.jpg?1649601158589

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8780f0db96cafbc03ffcd1ca02c698602d3b7bf987256562d649ad4eb84e735f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:05:49 GMT
x-content-type-options: nosniff
age: 162312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28570
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 13:05:49 GMT

GET
H3 200 bg4.jpg
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 20 KB
20 KB 40ms
40ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/bg4.jpg?1649601158589

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b5c17f555e652a2bdb56bfb915a0dd62a6ada565b1268009ca3207df2f0c5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:05:49 GMT
x-content-type-options: nosniff
age: 162312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20498
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 13:05:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 989D 42 B
64 B 116ms
63ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuldhKopByvidT50EqUkUE0XyzKLLNdmUAWN6yWY9O5-sg8e0Mb6qDH5UWZ5ERdZABp06FU--xrqKeIXUjt2fPyntpBA_fYYertI-Cl2eHYsxCdJRvBoFtdsUSlLW5blkKISCTn_w&sai=AMfl-YSZ9oLYC7LWV_iH3-3o2eqCHom0FmPy_cMdjOxrc-28eb1vi6L6gMSClchdIgp6h4sh6ghhcDI2zqfQ4cQ&sig=Cg0ArKJSzK1lUMZW0VLxEAE&id=lidar2&mcvt=1000&p=0,0,280,1130&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2466049890&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664446259559&rpt=1340&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 capsule.png
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 9 KB
9 KB 39ms
39ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/capsule.png?1649601158589

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a795e9cf929ee4c8107975437ba8ee5fd33ba888d8c3ab22d6dff55a2422f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 20:22:02 GMT
x-content-type-options: nosniff
age: 395339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8747
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Sep 2023 20:22:02 GMT

GET
H3 200 dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 54ms
34ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-bottom.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ffccca0958c2710d1eb8b56616436104e48271e70c3dddf1ba4eb0a9df065a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4890292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 700
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4QRdqu8PhCcukl%2Bx1lnH0AhY0JKc%2B4oO0rgfAnDSRKXdgcY1EDGkn3HVykRooeEb2mIiUE3z0cv5QW27%2BwvNkRvUgRYSo7FnOFz0BXlhdrCCnjNKfXhACmt%2B%2FzD%2FgQre5uvBYf2Bl1AUCmUcVwmypyn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7523eeb15a01374e-MXP
expires: Tue, 19 Sep 2023 10:11:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 65ms
43ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58d8408e2005883b6e1254af180a056e955d01c3b259515baa7b2e8a610a3378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11223
x-xss-protection: 0

GET
H3 200 capsule1.png
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 3 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/capsule1.png?1649601158589

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37713baa3172299610d3ce630631cdf9db2c8ca6204456db9efdf1038af47073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:05:52 GMT
x-content-type-options: nosniff
age: 162309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 13:05:52 GMT

GET
H3 200 capsule2.png
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/capsule2.png?1649601158589

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37713baa3172299610d3ce630631cdf9db2c8ca6204456db9efdf1038af47073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 18:20:06 GMT
x-content-type-options: nosniff
age: 402656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Sep 2023 18:20:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 92ms
91ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 10:11:02 GMT

GET
H3 200 capsule3.png
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 3 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/capsule3.png?1649601158589

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37713baa3172299610d3ce630631cdf9db2c8ca6204456db9efdf1038af47073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 20:06:22 GMT
x-content-type-options: nosniff
age: 137080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 20:06:22 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gxB,pingTime:-10,time:880,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664446262130%7C%7C9143467f3f8be588f2ec7acdc86e19b4%7C%7Cee95bd761b4bccc3f8ed2a1a1f1daa7c%7C%7C8f0798e6813110241dd76d132c6768f6%7C%7Cff5b6ec7e9c3693e37e927c8432aae93%7C%7C5fadf5be66e7baaba493a452e3fdac47%7C%7C9c2b198e5ea19fba06daef1930f70af3%7C%7C0c4e557f1d688aa59152a2e41c408240%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:02 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 84A8 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 342743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:58:39 GMT
expires: Mon, 25 Sep 2023 10:58:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F38E 783 B
534 B 38ms
37ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a9d93635f16667798ed5ffa094540bc5a9ffb5bfdfba3f6976f01492c71df7f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nLms542CpLoZDS_PmbpuFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aesencryption.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nLms542CpLoZDS_PmbpuFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:11:02 GMT
expires: Thu, 29 Sep 2022 10:11:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 4 KB
4 KB 40ms
40ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/logo.png?1649601158589

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b01c742dbdcf0eb69afc40bf8ed8e8ab821b7bfdc315df6b8b95a52099ee0ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:47:56 GMT
x-content-type-options: nosniff
age: 94986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4079
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 07:47:56 GMT

GET
H3 200 tazza.png
s0.2mdn.net/sadbundle/5448102453019561976/images/ Frame 2DC3 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5448102453019561976/images/tazza.png?1649601158589

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92daed4fb4a713a202115ea9dff267abf4d75a0119849614c4e766ededcf0428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5448102453019561976/02_Nespresso_Easy_Prospect_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:06:01 GMT
x-content-type-options: nosniff
age: 151501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1643
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 16:06:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F38E 0
0 62ms
61ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=3529144704433742&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 84A8 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:32:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 84A8 0
10 B 39ms
39ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n7jtUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:11:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3337 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhfxlwfy2l--7WALYb8TLqdnmRss1EN1BqLBj-E1Q3CCh4y5apOxWmSF-9etpoXDKSSgD2hGbPUdrSt2cfF4otGymna7FD3xv45p4MIE26g2XQzu_ZA89Gd2dxuFPxqgrpJaxCMg&sai=AMfl-YT_9Sb60Sc4t2qVlwb89cOca0GGrX1-qGEKbLZ4qgOOk5hcw2stA7VeNUJAohFKapg6AJaLX2E9fpefBW4&sig=Cg0ArKJSzBM6kPEcnW-yEAE&cid=CAASBORojWk&id=lidar2&mcvt=1008&p=0,0,90,728&mtos=922,1008,1008,1008,1008&tos=922,86,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664446260496&rpt=929&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=3529144704433742&bg=!OjmlOX3NAAYIxsuQKMY7ACkAdvg8WjuCcMr2jPLYl7l4fD_BBIb0-ZUlBZRON_urKvYlp4rU1nap3AIAAACAUgAAAAZoAQcKAJ1xUIcMUbQX3VUW8aBZ-2ryfcuB4xXs85vL6VwRhjRXquupJth5l63oQiJz-3rynBbnJUfHD1JS_Id2drsZl4glPjF8esFxtvvmngpy3tMSJwbiRg79dSpNpK9kAVR7U61PqoxiOZY-FWXGvP51w3tgX3Go8UDHUXFBWz1oqL6uSRfDzRPtvUlKQ_bYZWDpxbNJID3pcCvQtezbinr1mQKj5EQgZU0pY7H5qXWCSa-rq-Q1JbFHUnokn2-7LldKn-zBN6MTQyBANMkefMUf0RKWfi2CQ9_TyJpo9KtcW4NQP3Hjqbe8V7T1WnSZrTRegITmwrejm1n4Z8Kby5PejQpRJDTmaH7up9Y2osMUUBD-ns-omI84gRQhWgX_MVeoqLeyYs7hCd4aHKT6Lv0XsRUiOFfyGB6JBw0HLponfNAPOsyeKhrZaH84mniqNYo5ibiJ8TkLPGImNCqPFZSUIGiqBzPD2_oxu5XEXSrUwruUHOKbD6suZ4ZetfjU5vpy25ISThuuqZrABGHu01Ea5djmvOnX7IUU_CDJ5JdAVk1KiYKenX-J0pF4RBcqJpwrT7ZY8JvoqpvIAKjpOH3hW0axVyLrD1HjG3F36kpYFLuIp4tecWpql5gb0m-Z13yhFzr2kSTkCxSEXVscoPIcVOHubbJMz0AJbgBbU-fQafCXM9BY4AXjgC9v4r-2-1s3eeHBci598BZvYSfyXsE-MBeIBx2AVdlpKX0OEOkA23nXCHM-2NaXsz-cRn2_M-wxoa5p60MR4VHyfwh8Mq_A3YioV2r1Y39eQzMYVUg4lL9pwQSSqha8LyPsXr4sO-J-hPMtkeTw1tL2ECpAyFKdFRdh1sjjmXKS6xx2-_Xsc8USYFBS86imWGgaPUDVtw5IKzcq3Cbkr8DytzfeY4iJh5u9kLvYog7HtnFCvoZ36R0z20hZTc3rtX6GPz2YvwygGfSA8I8l1lNGxGYSVIZzI48cBPl2mApoIlCoeNHp3aX6N2idYdXkg8nUxpxHiENW7Jh3Vi0-JLaSUdXn7Rx7AiR1ZX3vJqEMBBqLlDWc0kRDnbjGgSb95-VXjcM12YIihPqvTFsqueVw-QqxFBHU1Mr9fS8I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://aesencryption.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gWl,pingTime:1,time:2414,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:264%7D,%7Bpiv:100,vs:i,r:,t:1411%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1168~0,1~100%5D,as:%5B1169~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:168,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:266,sis:500%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:03 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gWl,pingTime:1,time:2414,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:264%7D,%7Bpiv:100,vs:i,r:,t:1411%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1168~0,1~100%5D,as:%5B1169~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:168,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:266,sis:500%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:03 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3337 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4280:6133:b508:364f:c43b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=914269&asId=716356ff-9481-4408-bf05-b0ba485ad824&tv=%7Bc:pB4gWm,pingTime:1,time:2415,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:264%7D,%7Bpiv:100,vs:i,r:,t:1411%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1004,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1168~0,1~100%5D,as:%5B1169~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:168,fm:tiOGT5x+11%7C12%7C131%7C14%7C151%7C152%7C161%7C162%7C163%7C17*.914269-59533523%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:266,sis:500,metricId:dfhui1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:6133:b508:364f:c43b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 10:11:03 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aesencryption.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4u3mu1ma0u62h2gcoe20elnh7t
.aesencryption.net/	1970-01-20 15:56:46	Name: _ga Value: GA1.2.2057108271.1664446259
.aesencryption.net/	1970-01-20 06:22:12	Name: _gid Value: GA1.2.1932115069.1664446259
.aesencryption.net/	1970-01-20 06:20:46	Name: _gat Value: 1
.aesencryption.net/	1970-01-20 15:42:22	Name: __gads Value: ID=0675c1ca7f467e39-22ed03b732ce00b5:T=1664446259:RT=1664446259:S=ALNI_MZ9A-n5A4WsAi1LPWEIT94tMqkG5w
.adnxs.com/	1970-01-20 08:30:22	Name: uuid2 Value: 1670296567289364934
.casalemedia.com/	1970-01-20 15:06:22	Name: CMID Value: YzVvNNmb8agDYD4pwnEeAwAA
.casalemedia.com/	1970-01-20 08:30:22	Name: CMPS Value: 4417
.casalemedia.com/	1970-01-20 08:30:22	Name: CMPRO Value: 4417
.doubleclick.net/	1970-01-20 15:42:22	Name: IDE Value: AHWqTUkSwyWB3A_Y_Srki-r47tsW7GZkqoefzW6WxcQK-b8tblU4mUYNlAuwlgEDeZQ
.adnxs.com/	1970-01-20 08:30:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_hl(g?!]tbPl1M>e)ZlrFUfJ+tGXxo<AdZsn[2$K6E:DkH@gg-nDw^xG`dW5YA*jl43If)y3KL9D3I?+_wB200
.agkn.com/	1970-01-20 15:06:22	Name: ab Value: 0001%3A2YOwG79xIXJzbISEMXPMup12CrvLwwup
.agkn.com/	1970-01-20 15:06:22	Name: u Value: C\|0CEAqyCu1KsgrtQAAAAAAAQ13AQCAAQpAAAAAAA
.rlcdn.com/	1970-01-20 15:06:22	Name: rlas3 Value: e/zA4/c0GVlOB5dHbm/67ws3mkTEnPsbFPkBWcWIPzI=
.w55c.net/	1970-01-20 15:49:34	Name: wfivefivec Value: Dvsrd2ft1ODQvr5
.quantserve.com/	1970-01-20 08:30:22	Name: d Value: ECQBCQGbJ4EA
.quantserve.com/	1970-01-20 15:51:00	Name: mc Value: 63356f35-84d4a-3b6e1-e62ca
.casalemedia.com/	1970-01-20 08:30:22	Name: CMTS Value: 4506
.doubleclick.net/	1970-01-20 06:20:49	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 08:30:22	Name: uuid Value: 40882521-2a6c-45ca-9ebd-a0ab539da25f-20220929 06:11:01
.w55c.net/	1970-01-20 07:03:58	Name: matchgoogle Value: 5
.rlcdn.com/	1970-01-20 07:47:10	Name: pxrc Value: CLXe1ZkGEgUI6AcQABIGCOndKhAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
aesencryption.net
ag.innovid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.addtoany.com
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
104.18.18.126
104.18.19.126
142.250.180.194
142.250.186.162
142.250.186.98
15.197.193.217
151.101.66.133
198.47.127.19
2600:1f18:1aca:4280:6133:b508:364f:c43b
2600:9000:2491:c00:8:48e:53c0:93a1
2606:4700:10::6816:47c5
2606:4700::6811:190e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9c
2a00:1450:400d:805::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2006
2a00:1450:400d:80c::200e
2a00:1450:400e:800::200a
2a05:d01c:1d8:8100:48cc:fe26:1b0:de7a
3.120.25.48
3.124.130.212
34.98.67.61
35.227.252.103
35.244.174.68
37.252.173.22
51.89.9.251
63.33.165.208
69.173.144.165
94.177.176.90
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0235c15bcd5eedf978f46cac91727dadb327908a6a7418ce269c040fb0439da7
0a795e9cf929ee4c8107975437ba8ee5fd33ba888d8c3ab22d6dff55a2422f57
0ac141c68e9774676d997532a32ba53d347dfa5e60ced701dbdacfa9da570e6c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1364259555f0c3024aababcee93be20767adca520261680281218bd1dacaeb89
137b350370ca2d508274f0fb78127b1f2b032062930680f4b5b7af2acdb98083
1424a43a2f8c3a679dae42f0fde395d936166bace93565f053eba90baa0682f6
159b110cf43121f8ee3bab4a069568b7e5b4be08f55dd46a3ee59cc4591090e7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1bc8b9cb4ac4b4441a15136f1b4733f91e710dd9b9f86d28523a332bb0deb763
2a9d93635f16667798ed5ffa094540bc5a9ffb5bfdfba3f6976f01492c71df7f
3597ef7142b471a9e45bb2f7cc20c166cb382d558130c889c7d64b3339396198
36925e7859abeeb8681d694d702e00b1fbba6f37ac49b11e8f863ed24507ca6a
372e7affbde11d63fcede954c4c3a72c023b95e26ad9973819b8c92aa0ec3796
37713baa3172299610d3ce630631cdf9db2c8ca6204456db9efdf1038af47073
3cd92faa5c9c2053d646e27d7d123acb627cbcb25e1357ecb65d58ec54e1e8e0
3ea2340413e985d6822772ae18662cccd19b911fb7ce2a43b3c85bcc9001acc5
4031c29838b526f3db538e1446b2ee446b28bef557345e67c7122a809f9d705f
47d55ec3b117895ee75cfd31ffc35a58b183b8478e5f097840dbec83e6a38ef0
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5081101e5d86fbcc98b734678b34720e8a62b9c20b44b8b39a104c45c635927d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58d8408e2005883b6e1254af180a056e955d01c3b259515baa7b2e8a610a3378
5ad7d71184aef725d57bfba04c3e425aaa1a24090dd457cb9665da4488557fab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ce3854c13015d809b16c1325e707259e05d74eb7a4b958d2e96cf892d7557d
64dface6e5fbbbf6065d4c198123b6910345efb5c85818cfddbc8a8adb4734ea
6b0d64eb580468445daa61a73e7f63ac5d7062f6798037496d004497419fd764
73228d9a6006ce57a1d188b124f6c4152c96abcd6e633b1c06af5dc0021113de
7599928d8b068cc8ce048900930a19c72bbc4b9e903f66dbe00ca81b7aeb767e
799dceac1907cb1d9c92d696c51b861e69a726a2eb903965fef460a6ac3feeec
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
8780f0db96cafbc03ffcd1ca02c698602d3b7bf987256562d649ad4eb84e735f
89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cb22fa8ac1b6ee40b8e49db01d74a398c086095ebb76817f2e52cdeb99813cc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e24ee621c9fd260205bcb1764d8f6db8221c9f066b8b0d8cabcdf07d6eb9f53
8ed4cec53b3c45549d34b6345471e035274dde988797b902733cf8694e88be9f
92428cffd634db8af6ec9a0e90ea6601bc5756dfec79fdd13634b8aca3ca06f2
92daed4fb4a713a202115ea9dff267abf4d75a0119849614c4e766ededcf0428
95ce9e9f5cd21c804e3c8465319a5d7ade7e308ce89cb36c51a047915b62c1f7
96063f2292a8e475aeea91a713d0cb03008ea374e8c209d5a85dc998794612a9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5c17f555e652a2bdb56bfb915a0dd62a6ada565b1268009ca3207df2f0c5ea
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b191e419424a0ba5b37de1238a23c85feebedf050cfd2d9dfb0993dd40072b
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aeb6cfeaa17740d5d84c44dacf2534f99e17d2027128dc882dfc9ad274a4a82f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01c742dbdcf0eb69afc40bf8ed8e8ab821b7bfdc315df6b8b95a52099ee0ad3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b964f75cb8c613e484743bf4daaac6efc65c74156fca95cd76ca15d742555d1d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0ffccca0958c2710d1eb8b56616436104e48271e70c3dddf1ba4eb0a9df065a
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
cf38594b6b0f3b0ccac153a6ecfb572a6318e236fc9e14a50b3fa704b92f4150
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d61ec44fbbd088b972ab66ef50a82b823987fd26165376b25eb0f6eb3321abbe
d734672f941caed0316ee7bf430678f15a0aeb4bd39444876fdc503bba7e35a9
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6e11b13e446bd4e1cbad236bde511133db4ba93e278bc70bfd1d8b58b99fd3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0658601ec218af17ef062c0a57a3fb492033a478223a053975eeae25f87e275
f22ca2840357a6499f1bbe09e6435ad87d74b194164bf28e9dabc6c02449ce51
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e2fceeb6bc1c619d6e02f90c3295bb774765d7b08278cf4e4e3b87fbd96a42
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
facac4b5d8fa7d997761cc616856ba5f78397fe76df3d39cc2fb113a02c0dfea

aesencryption.net Open in urlscan Pro 94.177.176.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

159 Requests

92 %HTTPS

53 %IPv6

28 Domains

38 Subdomains

34 IPs

7 Countries

1646 kBTransfer

3898 kBSize

22 Cookies

10 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aesencryption.net Open in urlscan Pro
94.177.176.90 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

92 %
HTTPS

53 %
IPv6

28
Domains

38
Subdomains

34
IPs

7
Countries

1646 kB
Transfer

3898 kB
Size

22
Cookies

159 HTTP transactions
4 data transactions