Submitted URL: http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php
Effective URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Submission: On October 26 via manual from IT — Scanned from IT

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 118 HTTP transactions. The main IP is 50.87.253.242, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is qa.elbwaba.com.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.
This is the only time qa.elbwaba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41.185.64.51 36943 (ZA-1-Grid)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
13 50.87.253.242 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
6 8 142.250.186.130 15169 (GOOGLE)
3 7 185.80.39.216 27381 (CASALE-MEDIA)
4 6 185.89.211.132 29990 (ASN-APPNEX)
2 44.207.12.74 14618 (AMAZON-AES)
2 142.250.184.194 15169 (GOOGLE)
1 3 3.126.26.70 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 3.220.229.144 14618 (AMAZON-AES)
118 24
Apex Domain
Subdomains
Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
471 KB
24 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
135 KB
20 clinch.co
realtime.clinch.co — Cisco Umbrella Rank: 6800
cdn.clinch.co — Cisco Umbrella Rank: 5443
img-cdn.clinch.co — Cisco Umbrella Rank: 6440
trk.clinch.co — Cisco Umbrella Rank: 4256
275 KB
13 elbwaba.com
qa.elbwaba.com
106 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
5 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
68 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
6 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
186 KB
3 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 1806
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
2 google.it
adservice.google.it — Cisco Umbrella Rank: 47685
914 B
2 ois.is
ois.is — Cisco Umbrella Rank: 348968
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
694 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668
346 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
77 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4998
230 B
1 nusoulhubradio.com
www.nusoulhubradio.com
279 B
118 18
Domain Requested by
18 pagead2.googlesyndication.com qa.elbwaba.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 cdn.clinch.co realtime.clinch.co
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.nusoulhubradio.com
13 qa.elbwaba.com www.google.com
qa.elbwaba.com
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 t.myvisualiq.net 1 redirects googleads.g.doubleclick.net
3 www.google.com 1 redirects ois.is
tpc.googlesyndication.com
2 trk.clinch.co realtime.clinch.co
2 img-cdn.clinch.co realtime.clinch.co
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 realtime.clinch.co googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.it pagead2.googlesyndication.com
2 ois.is www.nusoulhubradio.com
ois.is
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com qa.elbwaba.com
1 bit.ly 1 redirects
1 www.nusoulhubradio.com
118 26

This site contains links to these domains. Also see Links.

Domain
static.elliemae.com
www.abra.com
www.q2amarket.com
www.question2answer.org
Subject Issuer Validity Valid
*.ois.is
E1
2022-08-31 -
2022-11-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
www.qa.elbwaba.com
R3
2022-10-10 -
2023-01-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.google.it
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.clinch.co
Go Daddy Secure Certificate Authority - G2
2022-03-16 -
2023-04-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.myvisualiq.net
Go Daddy Secure Certificate Authority - G2
2021-12-12 -
2023-01-13
a year crt.sh

This page contains 18 frames:

Primary Page: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Frame ID: 4F8A7AEDD9B830EA84D04451C83CF013
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: 13E93DDA62B0EDD601FACE5458D4AA5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&adk=1812271804&adf=3025194257&lmt=1666748809&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809375&bpp=3&bdt=536&idt=182&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7752879546787&frm=20&pv=2&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202
Frame ID: F6EE6FCA0F38BDFBB1D563F4EA8B8613
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Frame ID: DE4C0077E677935507BCB7A03E272268
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Frame ID: 2C59867DC8E8C67BE10D9228BDE26119
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Frame ID: F62A8322F7E9DC354770228EA7EE9CAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARjHjbrOATAB&v=APEucNV93nWfWrqSG-vKyfztw7VnO9XZi8nPeQfCN-OnEz3qm6ibbNpeLwPhlYi_sqtgSFaz8cJvehWehq2oPSV6RNEz4_xWn8CMNgbGZjwHLBpRmdyrYvFc06UdtwN1GWga3QJUqjLS5e0YqUjNZoVErbrLlaOtEOka4bJPqP2aOUrPjLBvbFc
Frame ID: F17CA86831879D6BB0F3A16C38B72734
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTX_Rgm9AAtawOloYOFr-rJBfnZhTWzXQ4q5CKR6hDWb7XGpHNtWZ7Y0Tyok7KhqYiEV05vaUCwi65_3eJ4OKWCgDLU54ofmAWFkERDHASUQOciqebVglgoNr4ES5C8UAV2xJRhl326KDLtN1_VI0B_UTOTazsw2Xni6t6q3rmPm_OY4k&dbm_d=AKAmf-BKtUJEu5hbjxWK-yZRqi1x-6ynMkTokLgp22LWq-M97PCxn3dF-EANwxE3Udib2oWgjpr7nKEdTbhMN_zhQrlfp0272E7Xp0w5VfS7zGJ91rdr4VXLzqSyXtonkkv-7kqQ82uMRhZM2dXmAkT0o5dRvmFDSS_AXg1xkusZFY7rgI9pNfUVSY21UyMxLNF-N2RwHfrRDhDOtT4d2BRVjAx_Dgu_rt-lmVnvYlGg4Uz9rswhd57n2A23QB8SkSfy_3eA1bqVUARvNGrYRE_UA49_8m9WCW6hJEPXzty0QCKSomjmnY-1eARSvWYu1rQaA1fU_1XrIYujc2Gf4wZih4DzbNvjN1Jyq29bDBUlQZiVUSE7_iqvrcUqYzx_y6L0nAXEWJ47YYvJetruE1cfgMAEbe0McD14ojpnYvX4fko289Fj7HN4GNSgO6x9Trpd4M9heyZ9apJd8jTW_WbTCntzuZy7hSMdNEtG3Fd3BboK6ylDWs6Huid0WBVQKDqVAc1ySQ9xdDy3XNZTZ4f7Pq0elW2USoV7Ch0eY2yXptNs0DW9JCKK2jIDrmFs381Gv2YdGOZ7PTUx63hQQAa7dtl5FZaiCTB3M6G3rjeRatRXiMOhUjLljN1ctyeIFbaDmILREUMR0dS0pZ3ZBX_wBnedfm89uflBf9b5uT_veez2_8vkBACdbGzK63EveJiDrcn2qGAFEqWHtsJUQ13aF2KdboWJD4o85bhHJjEG_pTEn2KDaroJWQvPYRVJcmSR24uInp_lGNzqrr69MVoUgb5Isb8ef-vZGdabV9fwGfTkksCsywrGNyQUENdSwaXDGTJhpXA60r0j-sNbAXvOJZ2pBDpTqbwYdCh6C_OwrMgVL9ED8-1WLk2TnWFlHur_5oSqYoXI37TcRjcgRKUth29t8u3cVYtbD6oITvUAGFot3T6RkaUYS6un0_P1Ceq20_qxriiJMbJXScTW1EMS90rtwQ49YQSOF9gy0my6wjvoSd3KygwKgvSzURrBroZivpO3RYN1g7o0Ii4M1cEpPRzBlkTeKeIPml1PjKBhAPpbm8EdZ3DR71aWRSNhf-zqf2J72eP72gcNJxbckV6jGVetYaW0HjY5hv8_Td4gqgwNeqMrISsgeCGkkjaUC_CAdGRr9m4JlOhdXfhrszzP9FhNAGDjlXqpsep_LEapNc5zmmtFpWDdwXYn9W8vZRuku-Pvci6Wkqt6F19_c1HOZP7g-UfcBPbuh-YKz_QwB7kEe9v5_d805fU3uRpOO94ypmVu9Tij14pujq3ioAJNsjmYgOiHpx1l5K4qglW0HLFSSmrtNS7H60stOlQE66Ka4obVRCeneBSVTHkY8IMnUBUCzVAGkr_pLe4H4m68_TkGr3y9ULFoLuJ9wbOnMOJWDUzR2xO6qSRncooM-tuctQXI6kQt6l5uDRVLc3HjvmNK5zr6BH1ghCNKjYufmpf4kGXy4LVYV8XniHpXOFATYe6JrHZralZquxpjztvxujWS1CfErpPjIQD5vANqJ4Y_OwMOnI0JdlOBJ_EAlrFZlnFcGwNshR2l5Y8fLL-YUa1IvpE97KLZgs-6gC43CVBpQKp2Ori37dvyquFacOCUiKc9cPjkRcPNhui57rBrJnLqqB99jPgFFenKsEALohMHL5DLZuEBvGdCMHtP-5gMWJ5rOOm390CXOSJKLhpW8ncL9aevpDnla1WpXses81_wCGA2mdwcGIhTQ4AYshtA_kEMXEgYFrAdXQ_WbIMGc1ujPr95mvntOP3w1DZpQPTp3pyYJwSLNZmt1ldV9czl0ZN6EizG2CZp_Oo9Dj_Xq8TMbMnZ2OJOEl9PRn_KdSLHOAuwUErWt8zSNheRR6thVqj5HzLPtwT-SKmIwjNT_upeT3qjkgg7Zzp06RU07l4DCA9XEV83M174wj6aTvgUEZ0QLfW0plqTAi5xAqOfTLyMGaZa5OGTrfAWlEtah02y-Zn74MbiRF1A0QrSWKimr3AdMnHkGiWDUg_4NjP_3cMR8wzgaCVDrRqhCv7GEv734SY-S_S8ccFC9cMjSzCuCzaBCauoxH4ZY10OlC0QwpozgzU6hcZ3ClUxi51N2u53oJE1s_gyORx2LazFXHeQzX9V8h59YoVWv2_RFusm03_6qi0FpFDoD-2U51PQgPD3BDw0eWqaiMPGNYiFD8Nf7wjpDboAXPWggSsnoK0sjFSmwnZSkXcv_vCXFnogOIME-chMwpQxUe3O5hXKEERKkMsEWUyVEbRAVTisfVJexIwbPffGhZDfXUEpqTOmniWa78meAaRJfA6LzvIrvWfHS4YfA9QlaJDcrahrRc_pTBAZwgKlBeqp0P60zVvFqHvSAXvtwvAyNSMglXY-_M4741_MFI0R0k4RR25SAbOhgc9znfLMQC2t6Ei95fE3EIQ8YxNAQaercbPzRs2bBP_kGauIeuOM_YCkIqFSgaPnUtjV3sWpsyK8EfIJbrVkIXl5XPdSqXi1W_YkhICRHlPx6Z1AI1K2lqxwyowNSOzngI135Yr_jVIiWO6q__22Pyj9d3sW6-WWf0NRXtgRRW9NhEeDcXaycwH9MadWExkOpMmzV5hB_NmQZ5uUSozJd09KF5uPQgx3fulu8aQn8RfY8xkpHRqc3fPYswPvJt6wWtKArLHt1TxhdOxhWCHoI4QXiga_d9qWGndVmDP3QDuNPjJGgeKn-Tb-nQyMtpZrhjugvuXJBPSNjhR_lE0CD79W1bfbReSRpW7NANLGK58W0jVB6t_1-nV7Gw-j9ZPLlJUHp514q2bInx0T52TVeOQZ6ACjfzc21mBMkREwZx3MWfXUrpr8VNcLwjZGBDd2c_dahonjFHv07p628YgPNtNijOFdztcF0Rk14MNNhTy8BiqdBAWIfj113haXZBz6dwj0HuLtNdP-nl3JpyH27zooeqjyBsj5703Ko5XxZTR2n2KAyY5k5K_9lkXNVFdR8eBAeIj6lDITE96qBzdnt_k8kLw6F_6wMhX6gKRxPHjkhag98jMKuK43FsDKnMV98Q-Y4IPm8W9Magj-gczUCPbtC0rII4xOnBzgUwfDf3yHccGqAON6_4cCXkzGsf0o_xptEFRN3pP05aovNDFEy0cAPvJQtjObTGXJhMikJBbgOEVU9TDeZYdJOtf49iBI3YmjjfJs_xbQhUjIDeJBJNqsV_wXWDysuyBHduUCqNT5B4secBZuYA&cid=CAASBORorLE&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Frame ID: D86E0BBDF781C184FCE23D1A8C69154B
Requests: 10 HTTP requests in this frame

Frame: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: 47361F0ED473FE70DA38A70935929732
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARili7rOATAB&v=APEucNVm25ewBXxzqHm5Lzckz4O6coXN1-YyH3bLQNe0GiNxm9Qszx4fx1dzW_tLeh9F-a7MQOMarC1YI-Q8kxMXwb20EQnejO_Pf_yQHtfhmaRrEj0wlj7uJx9oKvbSY2FTeZ9ShrZ7w8_Lgarc4m6OEbKT7BnpApbcCxJE5labSr_ChUijC2I
Frame ID: 183C952A78DB3A075A231831DBD0754C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BynCEmGV-hCUg7O0qqzbsVoFYaUh_b8K58WQ7jhg3kQ-2rQoQHCJ5ALPXF9A-q603wR7cu4ofG9cm0cdt6Ckqsj7qX4e-gvgpL2nhgseXpFPbN9ZaLclDX0qUVBFSQEe0NSXKoamBxGl1FPFVsPCJTNMv7a3GFjRJ_Lm4dFOg7Yomfv34&dbm_d=AKAmf-B5JUkJEhY_oSxlM4KUlrTlsRn-RBGGp5Kbj2m95wgcGnWPKQ493mV0XZqzV-gA-ny-QLCQIX_AFEgZSK3SKiA5Qz-GUY1VCStD242i9SATEH-Pi6zJcTQKJtalXAaPTkOB0bv65EnFnVDXeU5B0i8Q19qS4uKr0hbAu9VNa1ahqBOw8mz0YtfsP1dKkEAHouVBJIKHfkHKjpSuB-RPU7a2_O4b4gGEQ6RLo1XNXFd_EQqmcZDaJsjo1LDjkL843-fS9xmtN_syr7ge1burZISNEWsTwYamUfyEITpg5RrofGZF7hRbVLgz0j6EO73oknT9aoPbderssOGnRE36PpJULP-LKlwWtJvqyD4vKIA5sNtoB7DUGqsiPmmiEZ6Iv3iFrfWYwz6XXwHQH96moHKnoEXhQVOo1zexPhBfjnM-EoI_SyK3NZPZ1gThJ9LE8tJ6gyVypRGU0IbubHpSkccPRKsOOGhFIXxhVAqNRcci7JeZqommOGQfg3LGkUukIaUkOoTz5SxIawXGDhyOSei7BEzj3yRRGo4t1JlRVuzEL5TYjwYItgKVk9VBZT1MAFh4whUvsvygOk1jALi8vHvucuwD4JV_uPmI-ptQm4iLVqm_y6qGtwqd7iFlOAdTzHOiQDkLMAIZterpPoFBx_pmNMFNJ3nmtNmvbWfzbT6qY8Jak1ycTTPdvU1SGYkHsMgeS6dAPcvUoYmJCrRnJdDBOit0PeaPOXsQnZkn8lwV22fPe6Nw68YidpvoyXxw_nfLAxnuXlPNO-z9XDcRXV2nU8dYO1MW9G3t4HfzE8YwDXUTgk_CdLvUhBlzm9Uy9b7Cmh5WxpQpSMRAMAL72RlwX1iH_hPDhu3pj4f-ZGOS2Zd2w2zzzk81Rpmt5IzgjPPbxdmR2Yyz7adAYXDj2Rb11aBSbf2s9nHDJUpMqodl_NTeyp8aRXkV47-oOn0AIy4YxqQPHOdyUaYldfohzWOoFbpcf4GwF7e7tEPByEAvUqtTPQMSXBu6-R17wZP8eZ_B12aPBqbOkLh1rduGJhEZWWPdCYaJxKe-UqZlXuYLFZHZVhaNgeFCpFnCRPGEaKOaARepit9nvGZuOtzY-jsuxhv0WQZEWWHOI7HtZ6LWNS67ke6RsRogIUR7CUjOeeEKC155zcE48sT1AkqCw98TX0AWlAYz-Fp76LkCsrhaI_otrUCkJ9RrlV3EF-1A2VOuf3xC2N0VUc6Pt-ajaGtHUsCPBoX3LigD_Uv9Bpy0u-6JsDZlxSDSTVNPJxnuvcwxHFW5Y85eRjuR2g5eVqOZT6ui1fYcDqERkXNAyn8yd-mUiwMt5RCyX2zneHaa1lzsHyjLfqkOTn-5lVbxPiFPL9XTRhAmfCy5Di1czKcHyegH5vO8y3fvf2TGHOJBSnHJ0CONIIECaZhiu5TJ3YufJfGs0fxcCVDr9cLW91dQ_FbFZxySJ_NBaGl8sxq1SeOy6xISBG-heYE_8xVuPVr1ZALcV1cwSMIWqGNFMFF9W-nNEQimVgpjj0pfHUKLpB78YtUAz5cMUnBC2nfSdURJ-lUB81lumWr11LF4CxMEX9dthvdDu2S3ZrNVraf2fi0HXdXWb23iH8WeovwgnO7F1hee5DUPRIAwNofvEGK0tSGlw7917xk0wPjprv6JXfsraj0iffwXkVdYvWu00iGkr8llwENXhIuNCHlVtxtgomaSiarpHZyel3p6QV-3ykg6nWmFHmy-EOb0kaC_2ZM6Do_064Gfrd_9lan7GC-m1ZFcw5mOCv4dXkfoKl8Urhh-tP8qoYZmSa6ybwfFFpQzNW7oXBgxmiSYKDgsh6Zu-34ZLZsmMB9hPEWMaIu4hW_mvZ0Qlhs2QdLR-S_64IyJ0NSOmQHOfEZmcoBuTNfegyJl6q2AmAtAUnFFl9UD8dFuSM37xsfBUxJss1EA98RV0Wz5ROWSk0WTYkVX3HeNE41RGeFUQltd1N7i42aAKaNFJLiLIL2wmXkWALWyv-TYrUyUw2Vil7KxKQydvgWcI1SwPp8eP673zSW6rSXQfeqeBHP2PGRKRkpZ2FFaTpKN9YqukMzPYksu0v3nvbHExHCRmnxTVgWQjiY9ZFAuJVBZmuYEKrUPfTL3qyzW-n8mLOn8C282SYTCHZZAeyYO650Kent5mW_0mIVw2psDRs8TJXhTuYlqln4Tz6sMB0RwIDuFMlgCOsA5ZXt5h7ij-lu9UuTr2Asx10QHIqMPb4zMDHlgZgUGJwVYER_uPnWaj77efoEYxbq4-yLqZ1zkZnDlX5zoXNjRPwB5P10CbBmuRbOPQiCDbT2DkMDyS7RS7mAtRGt0XXO-a_VF8xXzL3n2HcBiU93SrMDzfKpiLsHc6IYv0cqDlF3o0ZR3p9EQ9CTLjP1_O3CR0Rel2UDryxGSt8J-wIponcUJsmgQEOpTHqLufNGEywEQQqR0I9LvDYvo2PcRNM4cqwjg4RtlwUzGviTHH0NxamQOdvBS_W2XAZqQFlMqrnTlRWxITVRvO0f6WlV8Z0gS-bL25SPD7oDXspwF_BANg6zA-SFcTyAeBwmzc075ny3wAaoCQR0XlRVPVzk5rln1rcox9R7xX2WfTwvu0BEZhjQYJNPuJ2cxf73EfyGPfV3oAVvLcsoRwyPnhHyX_-k0giUCL0Lhfvxaao0HyeAI6LP_v658dNgbArneUyfQTHfih21e-N7QLclQKbWNEKvCXxU6qssHV8UoNjI2x3LPqqTXkFZCmMo5gvz5Pt0e3xfksxwveixZgss3oAgNSYU29cpXdK_o8PPqtQN1lOmeyEZQyZyOdOfdqUkafp6oFaqplusfk-CIPtv0Spzk4FmvK9KTeWKSgI2DF1Yjn7Ux_A5AZvMVePPk7BmUrL-LUPKFZvvqt3a51hIYHzYZ_aD0E43a8JD4EJwObK-tsCBVNN5vy1q8q3DRGmewle-m5ms6R4KvCCZXXlPQz1sI4VQMN4oe-YbbFoRKplM8sh75B8haxR20wg5qNhJDPBNYIaqnJWX3vrZImtMbxw&cid=CAASBORoNR8&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Frame ID: ABB2D4190E9733A3C29CFBF43B95ED32
Requests: 9 HTTP requests in this frame

Frame: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: D264F0EE1E45131EE926FF5830828734
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Frame ID: BDD70F2B3C71AEF91D76F9E94FDD3925
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 12BFB2EF899709068521458B5F8D6B72
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: FF1D59B9C67F66A3C861051F21075220
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 522E271A3D44741F9924CC5229C24BBD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD4AE3E347BF91C04EB9D8C702E9EF6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BA4F951BCB59464F76DF70C9D71B66D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

crypto loans without collateral 2023 - Top Crypto

Page URL History Show full URLs

  1. http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php Page URL
  2. https://bit.ly/3AAXYh6 HTTP 301
    https://ois.is/rr/page-1.php Page URL
  3. https://ois.is/images/logo.png Page URL
  4. https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/56/crypto-loans-without... Page URL
  5. https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

92 %
HTTPS

58 %
IPv6

18
Domains

26
Subdomains

24
IPs

4
Countries

1376 kB
Transfer

3310 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php Page URL
  2. https://bit.ly/3AAXYh6 HTTP 301
    https://ois.is/rr/page-1.php Page URL
  3. https://ois.is/images/logo.png Page URL
  4. https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023%3Fshow%3D57&ved=2ahUKEwj3q5fC5fn6AhW7QPEDHXA2CzEQFnoECBoQAQ&usg=AOvVaw2CJu79ugoWbFUZ244ANeLo Page URL
  5. https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://bit.ly/3AAXYh6 HTTP 301
  • https://ois.is/rr/page-1.php
Request Chain 35
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuzSXNNErV8kgxDzfgBvuo&google_cver=1
Request Chain 36
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iRioyrNxB-f6WzNWXOPgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECwWxpHBgxuxlrgAONC3-js&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwWxpHBgxuxlrgAONC3-js%26google_cver%3D1
Request Chain 38
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1MzEyMzg3NzU1MTU4NzI5
Request Chain 43
  • https://t.myvisualiq.net/impression_pixel?r=2761373626&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973557&pi=340359205&ad=532399291&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_18662058859_432965319$$&viq_did=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=2761373626&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973557&pi=340359205&ad=532399291&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_18662058859_432965319$$&viq_did=&pt=i
Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
Request Chain 63
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iRioyrNxB-f6WzNWXOPgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
Request Chain 64
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOlqAKuouAMtXeVeqv-Gapg&google_cver=1
Request Chain 65
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzU0MDk5NzczMDA2NTE0
Request Chain 94
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

118 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wp-mail.php
www.nusoulhubradio.com/wp-includes/SimplePie/Parse/
129 B
279 B
Document
General
Full URL
http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php
Protocol
HTTP/1.1
Server
41.185.64.51 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
nns02-cvps01.hostserv.co.za
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Oct 2022 01:46:46 GMT
Server
nginx
Transfer-Encoding
chunked
page-1.php
ois.is/rr/
Redirect Chain
  • https://bit.ly/3AAXYh6
  • https://ois.is/rr/page-1.php
145 B
576 B
Document
General
Full URL
https://ois.is/rr/page-1.php
Requested by
Host: www.nusoulhubradio.com
URL: http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75ff852bedbbbac7-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 01:46:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O12U8jJ6uJqkGhQFz2nozQ4sdcFFL7ogz3gXN0RQ7432dmvo5NyyvO9CmIx5jqnGDZfciMdXCrRQFiMkjLMnvyWOfaLB1ADFvTDKArdtJoY4RX824yP6KXUWH4%2F2%2Fvkk6pRgYoc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
115
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 01:46:46 GMT
location
https://ois.is/rr/page-1.php
server
nginx
via
1.1 google
logo.png
ois.is/images/
501 B
504 B
Document
General
Full URL
https://ois.is/images/logo.png
Requested by
Host: ois.is
URL: https://ois.is/rr/page-1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ois.is/rr/page-1.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75ff852cee32bac7-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 01:46:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apLdEcDli%2BL8TMscIDKqsVsw6uZSmdxKAZKMVS9617EKOrjna0ojlpDM6wL9woU65mbggDKkKE1%2FxTJL8ol0I4tTY454gcClDwQCGBhnJLwjogMbdstq9MbTXl%2B1DpeUv89%2BXa4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
url
www.google.com/
1015 B
1 KB
Document
General
Full URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023%3Fshow%3D57&ved=2ahUKEwj3q5fC5fn6AhW7QPEDHXA2CzEQFnoECBoQAQ&usg=AOvVaw2CJu79ugoWbFUZ244ANeLo
Requested by
Host: ois.is
URL: https://ois.is/images/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://ois.is/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
506
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 01:46:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
Primary Request crypto-loans-without-collateral-2023
qa.elbwaba.com/56/
38 KB
12 KB
Document
General
Full URL
https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023%3Fshow%3D57&ved=2ahUKEwj3q5fC5fn6AhW7QPEDHXA2CzEQFnoECBoQAQ&usg=AOvVaw2CJu79ugoWbFUZ244ANeLo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
fac7e0f42023925c6d3b86a6a4707e3ba68667c11b695dbfe6c6d8b7f83160ee

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
12349
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 01:46:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
x-nginx-cache
WordPress
qa-styles.css
qa.elbwaba.com/qa-theme/SnowFlat/
70 KB
18 KB
Stylesheet
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:48 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 21 Apr 2021 04:04:58 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Fri, 25 Nov 2022 01:46:48 GMT
jquery-3.5.1.min.js
qa.elbwaba.com/qa-content/
87 KB
38 KB
Script
General
Full URL
https://qa.elbwaba.com/qa-content/jquery-3.5.1.min.js
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:48 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 21 Apr 2021 04:04:56 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=21600
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Wed, 26 Oct 2022 07:46:48 GMT
qa-global.js
qa.elbwaba.com/qa-content/
20 KB
7 KB
Script
General
Full URL
https://qa.elbwaba.com/qa-content/qa-global.js?1.8.6
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:48 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 21 Apr 2021 04:04:56 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=21600
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7211
expires
Wed, 26 Oct 2022 07:46:48 GMT
snow-core.js
qa.elbwaba.com/qa-theme/SnowFlat/js/
2 KB
1 KB
Script
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:48 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 21 Apr 2021 04:04:58 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=21600
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1047
expires
Wed, 26 Oct 2022 07:46:48 GMT
js
www.googletagmanager.com/gtag/
222 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TM8RE8VEQ7
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7b49c8a74366d4554e2d2a0e4aea26326aeca5b9282e971ff158f9dc8e7151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78692
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Oct 2022 01:46:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
167 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b85bfc116e033e6c089493ee94e90f03e192410c3652fc99bb45bdfad39bc23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55269
x-xss-protection
0
server
cafe
etag
14923952782739220981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 01:46:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
169 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1124263613222640
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/56/crypto-loans-without-collateral-2023?show=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dd4cb223f540a3be7a0cb8d6f7091ba61452fdb0346cef751842c5c8044a858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Origin
https://qa.elbwaba.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55517
x-xss-protection
0
server
cafe
etag
3259090499086501836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 01:46:49 GMT
vote-buttons-3.png
qa.elbwaba.com/qa-theme/SnowFlat/images/
1 KB
2 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Sat, 01 Aug 2020 04:52:10 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1457
expires
Thu, 26 Oct 2023 01:46:49 GMT
fontello.woff
qa.elbwaba.com/qa-theme/SnowFlat/fonts/
7 KB
7 KB
Font
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin
https://qa.elbwaba.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 26 Jul 2016 07:31:58 GMT
server
Apache
x-endurance-cache-level
2
content-type
font/woff
cache-control
max-age=21600
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7200
expires
Wed, 26 Oct 2022 07:46:49 GMT
answer-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/
3 KB
3 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 15 Jan 2019 06:08:24 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
2867
expires
Thu, 26 Oct 2023 01:46:49 GMT
answer-select.png
qa.elbwaba.com/qa-theme/SnowFlat/images/
2 KB
2 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/answer-select.png
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 15 Jan 2019 06:08:24 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1831
expires
Thu, 26 Oct 2023 01:46:49 GMT
link-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/
3 KB
3 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 15 Jan 2019 06:08:24 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
3026
expires
Thu, 26 Oct 2023 01:46:49 GMT
comment-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/
3 KB
3 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 15 Jan 2019 06:08:24 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
2906
expires
Thu, 26 Oct 2023 01:46:49 GMT
search-icon-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/
1 KB
1 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 15 Jan 2019 06:08:24 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1412
expires
Thu, 26 Oct 2023 01:46:49 GMT
spinner-icon-14x14.gif
qa.elbwaba.com/qa-theme/SnowFlat/images/
8 KB
8 KB
Image
General
Full URL
https://qa.elbwaba.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2225.bluehost.com
Software
Apache /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
x-nginx-cache
WordPress
last-modified
Tue, 15 Jan 2019 06:08:24 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7781
expires
Thu, 26 Oct 2023 01:46:49 GMT
collect
region1.google-analytics.com/g/
0
346 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TM8RE8VEQ7&gtm=2oeao0&_p=1384018347&cid=1152264564.1666748809&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666748809&sct=1&seg=0&dl=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&dr=https%3A%2F%2Fwww.google.com%2F&dt=crypto%20loans%20without%20collateral%202023%20-%20Top%20Crypto&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TM8RE8VEQ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qa.elbwaba.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/
353 KB
116 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef6b5d792d67969a3dde0952a0e6ec59186d2c8d1de576fab053aa8b3db67540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118751
x-xss-protection
0
server
cafe
etag
8472344965736366056
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 01:46:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame 13E9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
37708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 15:18:21 GMT
etag
9671129459699598864
expires
Tue, 08 Nov 2022 15:18:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
389 B
694 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=qa.elbwaba.com&callback=_gfp_s_&client=ca-pub-1124263613222640&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bd3b54d411ddb86197274529dc685f9098aef3e9d82734b73cfc9b6f2cc82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.it/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.it/adsid/integrator.js?domain=qa.elbwaba.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=qa.elbwaba.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F6EE
111 KB
36 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&adk=1812271804&adf=3025194257&lmt=1666748809&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809375&bpp=3&bdt=536&idt=182&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7752879546787&frm=20&pv=2&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
835733f3507f55f9c5bd2f4cf85433f511bbb831fd7bfe29eed08fa4bfe6995d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
37040
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:50 GMT
expires
Wed, 26 Oct 2022 01:46:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE4C
84 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2dc5d8ce1c255e7a7527b5ffb562c2ca414e1f22d0af78ea9758523d42fa39a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:50 GMT
expires
Wed, 26 Oct 2022 01:46:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2C59
17 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
910ae1236390d693556a56834808aa74753e59939dc285cb99863502b7757882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
8292
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:49 GMT
expires
Wed, 26 Oct 2022 01:46:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F62A
17 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684ca2bb053a29d2ba8dc293c083e31c5d9db90a1ced25312dc9363973a205f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
8187
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:50 GMT
expires
Wed, 26 Oct 2022 01:46:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F17C
624 B
300 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARjHjbrOATAB&v=APEucNV93nWfWrqSG-vKyfztw7VnO9XZi8nPeQfCN-OnEz3qm6ibbNpeLwPhlYi_sqtgSFaz8cJvehWehq2oPSV6RNEz4_xWn8CMNgbGZjwHLBpRmdyrYvFc06UdtwN1GWga3QJUqjLS5e0YqUjNZoVErbrLlaOtEOka4bJPqP2aOUrPjLBvbFc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:49 GMT
expires
Wed, 26 Oct 2022 01:46:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D86E
49 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTX_Rgm9AAtawOloYOFr-rJBfnZhTWzXQ4q5CKR6hDWb7XGpHNtWZ7Y0Tyok7KhqYiEV05vaUCwi65_3eJ4OKWCgDLU54ofmAWFkERDHASUQOciqebVglgoNr4ES5C8UAV2xJRhl326KDLtN1_VI0B_UTOTazsw2Xni6t6q3rmPm_OY4k&dbm_d=AKAmf-BKtUJEu5hbjxWK-yZRqi1x-6ynMkTokLgp22LWq-M97PCxn3dF-EANwxE3Udib2oWgjpr7nKEdTbhMN_zhQrlfp0272E7Xp0w5VfS7zGJ91rdr4VXLzqSyXtonkkv-7kqQ82uMRhZM2dXmAkT0o5dRvmFDSS_AXg1xkusZFY7rgI9pNfUVSY21UyMxLNF-N2RwHfrRDhDOtT4d2BRVjAx_Dgu_rt-lmVnvYlGg4Uz9rswhd57n2A23QB8SkSfy_3eA1bqVUARvNGrYRE_UA49_8m9WCW6hJEPXzty0QCKSomjmnY-1eARSvWYu1rQaA1fU_1XrIYujc2Gf4wZih4DzbNvjN1Jyq29bDBUlQZiVUSE7_iqvrcUqYzx_y6L0nAXEWJ47YYvJetruE1cfgMAEbe0McD14ojpnYvX4fko289Fj7HN4GNSgO6x9Trpd4M9heyZ9apJd8jTW_WbTCntzuZy7hSMdNEtG3Fd3BboK6ylDWs6Huid0WBVQKDqVAc1ySQ9xdDy3XNZTZ4f7Pq0elW2USoV7Ch0eY2yXptNs0DW9JCKK2jIDrmFs381Gv2YdGOZ7PTUx63hQQAa7dtl5FZaiCTB3M6G3rjeRatRXiMOhUjLljN1ctyeIFbaDmILREUMR0dS0pZ3ZBX_wBnedfm89uflBf9b5uT_veez2_8vkBACdbGzK63EveJiDrcn2qGAFEqWHtsJUQ13aF2KdboWJD4o85bhHJjEG_pTEn2KDaroJWQvPYRVJcmSR24uInp_lGNzqrr69MVoUgb5Isb8ef-vZGdabV9fwGfTkksCsywrGNyQUENdSwaXDGTJhpXA60r0j-sNbAXvOJZ2pBDpTqbwYdCh6C_OwrMgVL9ED8-1WLk2TnWFlHur_5oSqYoXI37TcRjcgRKUth29t8u3cVYtbD6oITvUAGFot3T6RkaUYS6un0_P1Ceq20_qxriiJMbJXScTW1EMS90rtwQ49YQSOF9gy0my6wjvoSd3KygwKgvSzURrBroZivpO3RYN1g7o0Ii4M1cEpPRzBlkTeKeIPml1PjKBhAPpbm8EdZ3DR71aWRSNhf-zqf2J72eP72gcNJxbckV6jGVetYaW0HjY5hv8_Td4gqgwNeqMrISsgeCGkkjaUC_CAdGRr9m4JlOhdXfhrszzP9FhNAGDjlXqpsep_LEapNc5zmmtFpWDdwXYn9W8vZRuku-Pvci6Wkqt6F19_c1HOZP7g-UfcBPbuh-YKz_QwB7kEe9v5_d805fU3uRpOO94ypmVu9Tij14pujq3ioAJNsjmYgOiHpx1l5K4qglW0HLFSSmrtNS7H60stOlQE66Ka4obVRCeneBSVTHkY8IMnUBUCzVAGkr_pLe4H4m68_TkGr3y9ULFoLuJ9wbOnMOJWDUzR2xO6qSRncooM-tuctQXI6kQt6l5uDRVLc3HjvmNK5zr6BH1ghCNKjYufmpf4kGXy4LVYV8XniHpXOFATYe6JrHZralZquxpjztvxujWS1CfErpPjIQD5vANqJ4Y_OwMOnI0JdlOBJ_EAlrFZlnFcGwNshR2l5Y8fLL-YUa1IvpE97KLZgs-6gC43CVBpQKp2Ori37dvyquFacOCUiKc9cPjkRcPNhui57rBrJnLqqB99jPgFFenKsEALohMHL5DLZuEBvGdCMHtP-5gMWJ5rOOm390CXOSJKLhpW8ncL9aevpDnla1WpXses81_wCGA2mdwcGIhTQ4AYshtA_kEMXEgYFrAdXQ_WbIMGc1ujPr95mvntOP3w1DZpQPTp3pyYJwSLNZmt1ldV9czl0ZN6EizG2CZp_Oo9Dj_Xq8TMbMnZ2OJOEl9PRn_KdSLHOAuwUErWt8zSNheRR6thVqj5HzLPtwT-SKmIwjNT_upeT3qjkgg7Zzp06RU07l4DCA9XEV83M174wj6aTvgUEZ0QLfW0plqTAi5xAqOfTLyMGaZa5OGTrfAWlEtah02y-Zn74MbiRF1A0QrSWKimr3AdMnHkGiWDUg_4NjP_3cMR8wzgaCVDrRqhCv7GEv734SY-S_S8ccFC9cMjSzCuCzaBCauoxH4ZY10OlC0QwpozgzU6hcZ3ClUxi51N2u53oJE1s_gyORx2LazFXHeQzX9V8h59YoVWv2_RFusm03_6qi0FpFDoD-2U51PQgPD3BDw0eWqaiMPGNYiFD8Nf7wjpDboAXPWggSsnoK0sjFSmwnZSkXcv_vCXFnogOIME-chMwpQxUe3O5hXKEERKkMsEWUyVEbRAVTisfVJexIwbPffGhZDfXUEpqTOmniWa78meAaRJfA6LzvIrvWfHS4YfA9QlaJDcrahrRc_pTBAZwgKlBeqp0P60zVvFqHvSAXvtwvAyNSMglXY-_M4741_MFI0R0k4RR25SAbOhgc9znfLMQC2t6Ei95fE3EIQ8YxNAQaercbPzRs2bBP_kGauIeuOM_YCkIqFSgaPnUtjV3sWpsyK8EfIJbrVkIXl5XPdSqXi1W_YkhICRHlPx6Z1AI1K2lqxwyowNSOzngI135Yr_jVIiWO6q__22Pyj9d3sW6-WWf0NRXtgRRW9NhEeDcXaycwH9MadWExkOpMmzV5hB_NmQZ5uUSozJd09KF5uPQgx3fulu8aQn8RfY8xkpHRqc3fPYswPvJt6wWtKArLHt1TxhdOxhWCHoI4QXiga_d9qWGndVmDP3QDuNPjJGgeKn-Tb-nQyMtpZrhjugvuXJBPSNjhR_lE0CD79W1bfbReSRpW7NANLGK58W0jVB6t_1-nV7Gw-j9ZPLlJUHp514q2bInx0T52TVeOQZ6ACjfzc21mBMkREwZx3MWfXUrpr8VNcLwjZGBDd2c_dahonjFHv07p628YgPNtNijOFdztcF0Rk14MNNhTy8BiqdBAWIfj113haXZBz6dwj0HuLtNdP-nl3JpyH27zooeqjyBsj5703Ko5XxZTR2n2KAyY5k5K_9lkXNVFdR8eBAeIj6lDITE96qBzdnt_k8kLw6F_6wMhX6gKRxPHjkhag98jMKuK43FsDKnMV98Q-Y4IPm8W9Magj-gczUCPbtC0rII4xOnBzgUwfDf3yHccGqAON6_4cCXkzGsf0o_xptEFRN3pP05aovNDFEy0cAPvJQtjObTGXJhMikJBbgOEVU9TDeZYdJOtf49iBI3YmjjfJs_xbQhUjIDeJBJNqsV_wXWDysuyBHduUCqNT5B4secBZuYA&cid=CAASBORorLE&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Requested by
Host: www.nusoulhubradio.com
URL: http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f147d8545b724d3629e98140c32fcc3d25120f3a8530b5cd7a6b75e390aa735e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20810
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame D86E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 20:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
19846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:16:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame D86E
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D86E
152 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:46:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D86E
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRSlm6kI_hnTWQX5et35YUHgieXyoZztEXriCzUbgISOqYy1KtaXg6vD5XlJUZXybClGedFggZ3heCYPUH3Ajv-jLNBqXqs5LC_EmSvG_Q8JVBBw4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F17C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuzSXNNErV8kgxDzfgBvuo&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuzSXNNErV8kgxDzfgBvuo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARjHjbrOATAB&v=APEucNV93nWfWrqSG-vKyfztw7VnO9XZi8nPeQfCN-OnEz3qm6ibbNpeLwPhlYi_sqtgSFaz8cJvehWehq2oPSV6RNEz4_xWn8CMNgbGZjwHLBpRmdyrYvFc06UdtwN1GWga3QJUqjLS5e0YqUjNZoVErbrLlaOtEOka4bJPqP2aOUrPjLBvbFc
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuzSXNNErV8kgxDzfgBvuo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F17C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iRioyrNxB-f6WzNWXOPgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARjHjbrOATAB&v=APEucNV93nWfWrqSG-vKyfztw7VnO9XZi8nPeQfCN-OnEz3qm6ibbNpeLwPhlYi_sqtgSFaz8cJvehWehq2oPSV6RNEz4_xWn8CMNgbGZjwHLBpRmdyrYvFc06UdtwN1GWga3QJUqjLS5e0YqUjNZoVErbrLlaOtEOka4bJPqP2aOUrPjLBvbFc
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame F17C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECwWxpHBgxuxlrgAONC3-js&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwWxpHBgxuxlrgAONC3-js%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwWxpHBgxuxlrgAONC3-js%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARjHjbrOATAB&v=APEucNV93nWfWrqSG-vKyfztw7VnO9XZi8nPeQfCN-OnEz3qm6ibbNpeLwPhlYi_sqtgSFaz8cJvehWehq2oPSV6RNEz4_xWn8CMNgbGZjwHLBpRmdyrYvFc06UdtwN1GWga3QJUqjLS5e0YqUjNZoVErbrLlaOtEOka4bJPqP2aOUrPjLBvbFc
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
AN-X-Request-Uuid
dbe3f877-bc48-4241-b3a5-1899babf7144
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
192.145.127.221; 192.145.127.221; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
AN-X-Request-Uuid
d341973e-5ff9-4657-8acc-9a6f3ca97ae9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwWxpHBgxuxlrgAONC3-js%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
192.145.127.221; 192.145.127.221; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F17C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1MzEyMzg3NzU1MTU4NzI5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1MzEyMzg3NzU1MTU4NzI5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARjHjbrOATAB&v=APEucNV93nWfWrqSG-vKyfztw7VnO9XZi8nPeQfCN-OnEz3qm6ibbNpeLwPhlYi_sqtgSFaz8cJvehWehq2oPSV6RNEz4_xWn8CMNgbGZjwHLBpRmdyrYvFc06UdtwN1GWga3QJUqjLS5e0YqUjNZoVErbrLlaOtEOka4bJPqP2aOUrPjLBvbFc
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
AN-X-Request-Uuid
d3a2b5d0-476a-47d2-9ab8-f55898c2cb93
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1MzEyMzg3NzU1MTU4NzI5
Connection
keep-alive
X-Proxy-Origin
192.145.127.221; 192.145.127.221; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
player
realtime.clinch.co/video/player_v1/ Frame 4736
9 KB
10 KB
Document
General
Full URL
https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTX_Rgm9AAtawOloYOFr-rJBfnZhTWzXQ4q5CKR6hDWb7XGpHNtWZ7Y0Tyok7KhqYiEV05vaUCwi65_3eJ4OKWCgDLU54ofmAWFkERDHASUQOciqebVglgoNr4ES5C8UAV2xJRhl326KDLtN1_VI0B_UTOTazsw2Xni6t6q3rmPm_OY4k&dbm_d=AKAmf-BKtUJEu5hbjxWK-yZRqi1x-6ynMkTokLgp22LWq-M97PCxn3dF-EANwxE3Udib2oWgjpr7nKEdTbhMN_zhQrlfp0272E7Xp0w5VfS7zGJ91rdr4VXLzqSyXtonkkv-7kqQ82uMRhZM2dXmAkT0o5dRvmFDSS_AXg1xkusZFY7rgI9pNfUVSY21UyMxLNF-N2RwHfrRDhDOtT4d2BRVjAx_Dgu_rt-lmVnvYlGg4Uz9rswhd57n2A23QB8SkSfy_3eA1bqVUARvNGrYRE_UA49_8m9WCW6hJEPXzty0QCKSomjmnY-1eARSvWYu1rQaA1fU_1XrIYujc2Gf4wZih4DzbNvjN1Jyq29bDBUlQZiVUSE7_iqvrcUqYzx_y6L0nAXEWJ47YYvJetruE1cfgMAEbe0McD14ojpnYvX4fko289Fj7HN4GNSgO6x9Trpd4M9heyZ9apJd8jTW_WbTCntzuZy7hSMdNEtG3Fd3BboK6ylDWs6Huid0WBVQKDqVAc1ySQ9xdDy3XNZTZ4f7Pq0elW2USoV7Ch0eY2yXptNs0DW9JCKK2jIDrmFs381Gv2YdGOZ7PTUx63hQQAa7dtl5FZaiCTB3M6G3rjeRatRXiMOhUjLljN1ctyeIFbaDmILREUMR0dS0pZ3ZBX_wBnedfm89uflBf9b5uT_veez2_8vkBACdbGzK63EveJiDrcn2qGAFEqWHtsJUQ13aF2KdboWJD4o85bhHJjEG_pTEn2KDaroJWQvPYRVJcmSR24uInp_lGNzqrr69MVoUgb5Isb8ef-vZGdabV9fwGfTkksCsywrGNyQUENdSwaXDGTJhpXA60r0j-sNbAXvOJZ2pBDpTqbwYdCh6C_OwrMgVL9ED8-1WLk2TnWFlHur_5oSqYoXI37TcRjcgRKUth29t8u3cVYtbD6oITvUAGFot3T6RkaUYS6un0_P1Ceq20_qxriiJMbJXScTW1EMS90rtwQ49YQSOF9gy0my6wjvoSd3KygwKgvSzURrBroZivpO3RYN1g7o0Ii4M1cEpPRzBlkTeKeIPml1PjKBhAPpbm8EdZ3DR71aWRSNhf-zqf2J72eP72gcNJxbckV6jGVetYaW0HjY5hv8_Td4gqgwNeqMrISsgeCGkkjaUC_CAdGRr9m4JlOhdXfhrszzP9FhNAGDjlXqpsep_LEapNc5zmmtFpWDdwXYn9W8vZRuku-Pvci6Wkqt6F19_c1HOZP7g-UfcBPbuh-YKz_QwB7kEe9v5_d805fU3uRpOO94ypmVu9Tij14pujq3ioAJNsjmYgOiHpx1l5K4qglW0HLFSSmrtNS7H60stOlQE66Ka4obVRCeneBSVTHkY8IMnUBUCzVAGkr_pLe4H4m68_TkGr3y9ULFoLuJ9wbOnMOJWDUzR2xO6qSRncooM-tuctQXI6kQt6l5uDRVLc3HjvmNK5zr6BH1ghCNKjYufmpf4kGXy4LVYV8XniHpXOFATYe6JrHZralZquxpjztvxujWS1CfErpPjIQD5vANqJ4Y_OwMOnI0JdlOBJ_EAlrFZlnFcGwNshR2l5Y8fLL-YUa1IvpE97KLZgs-6gC43CVBpQKp2Ori37dvyquFacOCUiKc9cPjkRcPNhui57rBrJnLqqB99jPgFFenKsEALohMHL5DLZuEBvGdCMHtP-5gMWJ5rOOm390CXOSJKLhpW8ncL9aevpDnla1WpXses81_wCGA2mdwcGIhTQ4AYshtA_kEMXEgYFrAdXQ_WbIMGc1ujPr95mvntOP3w1DZpQPTp3pyYJwSLNZmt1ldV9czl0ZN6EizG2CZp_Oo9Dj_Xq8TMbMnZ2OJOEl9PRn_KdSLHOAuwUErWt8zSNheRR6thVqj5HzLPtwT-SKmIwjNT_upeT3qjkgg7Zzp06RU07l4DCA9XEV83M174wj6aTvgUEZ0QLfW0plqTAi5xAqOfTLyMGaZa5OGTrfAWlEtah02y-Zn74MbiRF1A0QrSWKimr3AdMnHkGiWDUg_4NjP_3cMR8wzgaCVDrRqhCv7GEv734SY-S_S8ccFC9cMjSzCuCzaBCauoxH4ZY10OlC0QwpozgzU6hcZ3ClUxi51N2u53oJE1s_gyORx2LazFXHeQzX9V8h59YoVWv2_RFusm03_6qi0FpFDoD-2U51PQgPD3BDw0eWqaiMPGNYiFD8Nf7wjpDboAXPWggSsnoK0sjFSmwnZSkXcv_vCXFnogOIME-chMwpQxUe3O5hXKEERKkMsEWUyVEbRAVTisfVJexIwbPffGhZDfXUEpqTOmniWa78meAaRJfA6LzvIrvWfHS4YfA9QlaJDcrahrRc_pTBAZwgKlBeqp0P60zVvFqHvSAXvtwvAyNSMglXY-_M4741_MFI0R0k4RR25SAbOhgc9znfLMQC2t6Ei95fE3EIQ8YxNAQaercbPzRs2bBP_kGauIeuOM_YCkIqFSgaPnUtjV3sWpsyK8EfIJbrVkIXl5XPdSqXi1W_YkhICRHlPx6Z1AI1K2lqxwyowNSOzngI135Yr_jVIiWO6q__22Pyj9d3sW6-WWf0NRXtgRRW9NhEeDcXaycwH9MadWExkOpMmzV5hB_NmQZ5uUSozJd09KF5uPQgx3fulu8aQn8RfY8xkpHRqc3fPYswPvJt6wWtKArLHt1TxhdOxhWCHoI4QXiga_d9qWGndVmDP3QDuNPjJGgeKn-Tb-nQyMtpZrhjugvuXJBPSNjhR_lE0CD79W1bfbReSRpW7NANLGK58W0jVB6t_1-nV7Gw-j9ZPLlJUHp514q2bInx0T52TVeOQZ6ACjfzc21mBMkREwZx3MWfXUrpr8VNcLwjZGBDd2c_dahonjFHv07p628YgPNtNijOFdztcF0Rk14MNNhTy8BiqdBAWIfj113haXZBz6dwj0HuLtNdP-nl3JpyH27zooeqjyBsj5703Ko5XxZTR2n2KAyY5k5K_9lkXNVFdR8eBAeIj6lDITE96qBzdnt_k8kLw6F_6wMhX6gKRxPHjkhag98jMKuK43FsDKnMV98Q-Y4IPm8W9Magj-gczUCPbtC0rII4xOnBzgUwfDf3yHccGqAON6_4cCXkzGsf0o_xptEFRN3pP05aovNDFEy0cAPvJQtjObTGXJhMikJBbgOEVU9TDeZYdJOtf49iBI3YmjjfJs_xbQhUjIDeJBJNqsV_wXWDysuyBHduUCqNT5B4secBZuYA&cid=CAASBORorLE&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.12.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-12-74.compute-1.amazonaws.com
Software
clinch /
Resource Hash
bb5f9c400ad9e4f64c71e6f46fe20067ea6c3cf1486842d15d46d9b5b99b4091

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 01:46:50 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame D86E
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTX_Rgm9AAtawOloYOFr-rJBfnZhTWzXQ4q5CKR6hDWb7XGpHNtWZ7Y0Tyok7KhqYiEV05vaUCwi65_3eJ4OKWCgDLU54ofmAWFkERDHASUQOciqebVglgoNr4ES5C8UAV2xJRhl326KDLtN1_VI0B_UTOTazsw2Xni6t6q3rmPm_OY4k&dbm_d=AKAmf-BKtUJEu5hbjxWK-yZRqi1x-6ynMkTokLgp22LWq-M97PCxn3dF-EANwxE3Udib2oWgjpr7nKEdTbhMN_zhQrlfp0272E7Xp0w5VfS7zGJ91rdr4VXLzqSyXtonkkv-7kqQ82uMRhZM2dXmAkT0o5dRvmFDSS_AXg1xkusZFY7rgI9pNfUVSY21UyMxLNF-N2RwHfrRDhDOtT4d2BRVjAx_Dgu_rt-lmVnvYlGg4Uz9rswhd57n2A23QB8SkSfy_3eA1bqVUARvNGrYRE_UA49_8m9WCW6hJEPXzty0QCKSomjmnY-1eARSvWYu1rQaA1fU_1XrIYujc2Gf4wZih4DzbNvjN1Jyq29bDBUlQZiVUSE7_iqvrcUqYzx_y6L0nAXEWJ47YYvJetruE1cfgMAEbe0McD14ojpnYvX4fko289Fj7HN4GNSgO6x9Trpd4M9heyZ9apJd8jTW_WbTCntzuZy7hSMdNEtG3Fd3BboK6ylDWs6Huid0WBVQKDqVAc1ySQ9xdDy3XNZTZ4f7Pq0elW2USoV7Ch0eY2yXptNs0DW9JCKK2jIDrmFs381Gv2YdGOZ7PTUx63hQQAa7dtl5FZaiCTB3M6G3rjeRatRXiMOhUjLljN1ctyeIFbaDmILREUMR0dS0pZ3ZBX_wBnedfm89uflBf9b5uT_veez2_8vkBACdbGzK63EveJiDrcn2qGAFEqWHtsJUQ13aF2KdboWJD4o85bhHJjEG_pTEn2KDaroJWQvPYRVJcmSR24uInp_lGNzqrr69MVoUgb5Isb8ef-vZGdabV9fwGfTkksCsywrGNyQUENdSwaXDGTJhpXA60r0j-sNbAXvOJZ2pBDpTqbwYdCh6C_OwrMgVL9ED8-1WLk2TnWFlHur_5oSqYoXI37TcRjcgRKUth29t8u3cVYtbD6oITvUAGFot3T6RkaUYS6un0_P1Ceq20_qxriiJMbJXScTW1EMS90rtwQ49YQSOF9gy0my6wjvoSd3KygwKgvSzURrBroZivpO3RYN1g7o0Ii4M1cEpPRzBlkTeKeIPml1PjKBhAPpbm8EdZ3DR71aWRSNhf-zqf2J72eP72gcNJxbckV6jGVetYaW0HjY5hv8_Td4gqgwNeqMrISsgeCGkkjaUC_CAdGRr9m4JlOhdXfhrszzP9FhNAGDjlXqpsep_LEapNc5zmmtFpWDdwXYn9W8vZRuku-Pvci6Wkqt6F19_c1HOZP7g-UfcBPbuh-YKz_QwB7kEe9v5_d805fU3uRpOO94ypmVu9Tij14pujq3ioAJNsjmYgOiHpx1l5K4qglW0HLFSSmrtNS7H60stOlQE66Ka4obVRCeneBSVTHkY8IMnUBUCzVAGkr_pLe4H4m68_TkGr3y9ULFoLuJ9wbOnMOJWDUzR2xO6qSRncooM-tuctQXI6kQt6l5uDRVLc3HjvmNK5zr6BH1ghCNKjYufmpf4kGXy4LVYV8XniHpXOFATYe6JrHZralZquxpjztvxujWS1CfErpPjIQD5vANqJ4Y_OwMOnI0JdlOBJ_EAlrFZlnFcGwNshR2l5Y8fLL-YUa1IvpE97KLZgs-6gC43CVBpQKp2Ori37dvyquFacOCUiKc9cPjkRcPNhui57rBrJnLqqB99jPgFFenKsEALohMHL5DLZuEBvGdCMHtP-5gMWJ5rOOm390CXOSJKLhpW8ncL9aevpDnla1WpXses81_wCGA2mdwcGIhTQ4AYshtA_kEMXEgYFrAdXQ_WbIMGc1ujPr95mvntOP3w1DZpQPTp3pyYJwSLNZmt1ldV9czl0ZN6EizG2CZp_Oo9Dj_Xq8TMbMnZ2OJOEl9PRn_KdSLHOAuwUErWt8zSNheRR6thVqj5HzLPtwT-SKmIwjNT_upeT3qjkgg7Zzp06RU07l4DCA9XEV83M174wj6aTvgUEZ0QLfW0plqTAi5xAqOfTLyMGaZa5OGTrfAWlEtah02y-Zn74MbiRF1A0QrSWKimr3AdMnHkGiWDUg_4NjP_3cMR8wzgaCVDrRqhCv7GEv734SY-S_S8ccFC9cMjSzCuCzaBCauoxH4ZY10OlC0QwpozgzU6hcZ3ClUxi51N2u53oJE1s_gyORx2LazFXHeQzX9V8h59YoVWv2_RFusm03_6qi0FpFDoD-2U51PQgPD3BDw0eWqaiMPGNYiFD8Nf7wjpDboAXPWggSsnoK0sjFSmwnZSkXcv_vCXFnogOIME-chMwpQxUe3O5hXKEERKkMsEWUyVEbRAVTisfVJexIwbPffGhZDfXUEpqTOmniWa78meAaRJfA6LzvIrvWfHS4YfA9QlaJDcrahrRc_pTBAZwgKlBeqp0P60zVvFqHvSAXvtwvAyNSMglXY-_M4741_MFI0R0k4RR25SAbOhgc9znfLMQC2t6Ei95fE3EIQ8YxNAQaercbPzRs2bBP_kGauIeuOM_YCkIqFSgaPnUtjV3sWpsyK8EfIJbrVkIXl5XPdSqXi1W_YkhICRHlPx6Z1AI1K2lqxwyowNSOzngI135Yr_jVIiWO6q__22Pyj9d3sW6-WWf0NRXtgRRW9NhEeDcXaycwH9MadWExkOpMmzV5hB_NmQZ5uUSozJd09KF5uPQgx3fulu8aQn8RfY8xkpHRqc3fPYswPvJt6wWtKArLHt1TxhdOxhWCHoI4QXiga_d9qWGndVmDP3QDuNPjJGgeKn-Tb-nQyMtpZrhjugvuXJBPSNjhR_lE0CD79W1bfbReSRpW7NANLGK58W0jVB6t_1-nV7Gw-j9ZPLlJUHp514q2bInx0T52TVeOQZ6ACjfzc21mBMkREwZx3MWfXUrpr8VNcLwjZGBDd2c_dahonjFHv07p628YgPNtNijOFdztcF0Rk14MNNhTy8BiqdBAWIfj113haXZBz6dwj0HuLtNdP-nl3JpyH27zooeqjyBsj5703Ko5XxZTR2n2KAyY5k5K_9lkXNVFdR8eBAeIj6lDITE96qBzdnt_k8kLw6F_6wMhX6gKRxPHjkhag98jMKuK43FsDKnMV98Q-Y4IPm8W9Magj-gczUCPbtC0rII4xOnBzgUwfDf3yHccGqAON6_4cCXkzGsf0o_xptEFRN3pP05aovNDFEy0cAPvJQtjObTGXJhMikJBbgOEVU9TDeZYdJOtf49iBI3YmjjfJs_xbQhUjIDeJBJNqsV_wXWDysuyBHduUCqNT5B4secBZuYA&cid=CAASBORorLE&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:25:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame D86E
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTX_Rgm9AAtawOloYOFr-rJBfnZhTWzXQ4q5CKR6hDWb7XGpHNtWZ7Y0Tyok7KhqYiEV05vaUCwi65_3eJ4OKWCgDLU54ofmAWFkERDHASUQOciqebVglgoNr4ES5C8UAV2xJRhl326KDLtN1_VI0B_UTOTazsw2Xni6t6q3rmPm_OY4k&dbm_d=AKAmf-BKtUJEu5hbjxWK-yZRqi1x-6ynMkTokLgp22LWq-M97PCxn3dF-EANwxE3Udib2oWgjpr7nKEdTbhMN_zhQrlfp0272E7Xp0w5VfS7zGJ91rdr4VXLzqSyXtonkkv-7kqQ82uMRhZM2dXmAkT0o5dRvmFDSS_AXg1xkusZFY7rgI9pNfUVSY21UyMxLNF-N2RwHfrRDhDOtT4d2BRVjAx_Dgu_rt-lmVnvYlGg4Uz9rswhd57n2A23QB8SkSfy_3eA1bqVUARvNGrYRE_UA49_8m9WCW6hJEPXzty0QCKSomjmnY-1eARSvWYu1rQaA1fU_1XrIYujc2Gf4wZih4DzbNvjN1Jyq29bDBUlQZiVUSE7_iqvrcUqYzx_y6L0nAXEWJ47YYvJetruE1cfgMAEbe0McD14ojpnYvX4fko289Fj7HN4GNSgO6x9Trpd4M9heyZ9apJd8jTW_WbTCntzuZy7hSMdNEtG3Fd3BboK6ylDWs6Huid0WBVQKDqVAc1ySQ9xdDy3XNZTZ4f7Pq0elW2USoV7Ch0eY2yXptNs0DW9JCKK2jIDrmFs381Gv2YdGOZ7PTUx63hQQAa7dtl5FZaiCTB3M6G3rjeRatRXiMOhUjLljN1ctyeIFbaDmILREUMR0dS0pZ3ZBX_wBnedfm89uflBf9b5uT_veez2_8vkBACdbGzK63EveJiDrcn2qGAFEqWHtsJUQ13aF2KdboWJD4o85bhHJjEG_pTEn2KDaroJWQvPYRVJcmSR24uInp_lGNzqrr69MVoUgb5Isb8ef-vZGdabV9fwGfTkksCsywrGNyQUENdSwaXDGTJhpXA60r0j-sNbAXvOJZ2pBDpTqbwYdCh6C_OwrMgVL9ED8-1WLk2TnWFlHur_5oSqYoXI37TcRjcgRKUth29t8u3cVYtbD6oITvUAGFot3T6RkaUYS6un0_P1Ceq20_qxriiJMbJXScTW1EMS90rtwQ49YQSOF9gy0my6wjvoSd3KygwKgvSzURrBroZivpO3RYN1g7o0Ii4M1cEpPRzBlkTeKeIPml1PjKBhAPpbm8EdZ3DR71aWRSNhf-zqf2J72eP72gcNJxbckV6jGVetYaW0HjY5hv8_Td4gqgwNeqMrISsgeCGkkjaUC_CAdGRr9m4JlOhdXfhrszzP9FhNAGDjlXqpsep_LEapNc5zmmtFpWDdwXYn9W8vZRuku-Pvci6Wkqt6F19_c1HOZP7g-UfcBPbuh-YKz_QwB7kEe9v5_d805fU3uRpOO94ypmVu9Tij14pujq3ioAJNsjmYgOiHpx1l5K4qglW0HLFSSmrtNS7H60stOlQE66Ka4obVRCeneBSVTHkY8IMnUBUCzVAGkr_pLe4H4m68_TkGr3y9ULFoLuJ9wbOnMOJWDUzR2xO6qSRncooM-tuctQXI6kQt6l5uDRVLc3HjvmNK5zr6BH1ghCNKjYufmpf4kGXy4LVYV8XniHpXOFATYe6JrHZralZquxpjztvxujWS1CfErpPjIQD5vANqJ4Y_OwMOnI0JdlOBJ_EAlrFZlnFcGwNshR2l5Y8fLL-YUa1IvpE97KLZgs-6gC43CVBpQKp2Ori37dvyquFacOCUiKc9cPjkRcPNhui57rBrJnLqqB99jPgFFenKsEALohMHL5DLZuEBvGdCMHtP-5gMWJ5rOOm390CXOSJKLhpW8ncL9aevpDnla1WpXses81_wCGA2mdwcGIhTQ4AYshtA_kEMXEgYFrAdXQ_WbIMGc1ujPr95mvntOP3w1DZpQPTp3pyYJwSLNZmt1ldV9czl0ZN6EizG2CZp_Oo9Dj_Xq8TMbMnZ2OJOEl9PRn_KdSLHOAuwUErWt8zSNheRR6thVqj5HzLPtwT-SKmIwjNT_upeT3qjkgg7Zzp06RU07l4DCA9XEV83M174wj6aTvgUEZ0QLfW0plqTAi5xAqOfTLyMGaZa5OGTrfAWlEtah02y-Zn74MbiRF1A0QrSWKimr3AdMnHkGiWDUg_4NjP_3cMR8wzgaCVDrRqhCv7GEv734SY-S_S8ccFC9cMjSzCuCzaBCauoxH4ZY10OlC0QwpozgzU6hcZ3ClUxi51N2u53oJE1s_gyORx2LazFXHeQzX9V8h59YoVWv2_RFusm03_6qi0FpFDoD-2U51PQgPD3BDw0eWqaiMPGNYiFD8Nf7wjpDboAXPWggSsnoK0sjFSmwnZSkXcv_vCXFnogOIME-chMwpQxUe3O5hXKEERKkMsEWUyVEbRAVTisfVJexIwbPffGhZDfXUEpqTOmniWa78meAaRJfA6LzvIrvWfHS4YfA9QlaJDcrahrRc_pTBAZwgKlBeqp0P60zVvFqHvSAXvtwvAyNSMglXY-_M4741_MFI0R0k4RR25SAbOhgc9znfLMQC2t6Ei95fE3EIQ8YxNAQaercbPzRs2bBP_kGauIeuOM_YCkIqFSgaPnUtjV3sWpsyK8EfIJbrVkIXl5XPdSqXi1W_YkhICRHlPx6Z1AI1K2lqxwyowNSOzngI135Yr_jVIiWO6q__22Pyj9d3sW6-WWf0NRXtgRRW9NhEeDcXaycwH9MadWExkOpMmzV5hB_NmQZ5uUSozJd09KF5uPQgx3fulu8aQn8RfY8xkpHRqc3fPYswPvJt6wWtKArLHt1TxhdOxhWCHoI4QXiga_d9qWGndVmDP3QDuNPjJGgeKn-Tb-nQyMtpZrhjugvuXJBPSNjhR_lE0CD79W1bfbReSRpW7NANLGK58W0jVB6t_1-nV7Gw-j9ZPLlJUHp514q2bInx0T52TVeOQZ6ACjfzc21mBMkREwZx3MWfXUrpr8VNcLwjZGBDd2c_dahonjFHv07p628YgPNtNijOFdztcF0Rk14MNNhTy8BiqdBAWIfj113haXZBz6dwj0HuLtNdP-nl3JpyH27zooeqjyBsj5703Ko5XxZTR2n2KAyY5k5K_9lkXNVFdR8eBAeIj6lDITE96qBzdnt_k8kLw6F_6wMhX6gKRxPHjkhag98jMKuK43FsDKnMV98Q-Y4IPm8W9Magj-gczUCPbtC0rII4xOnBzgUwfDf3yHccGqAON6_4cCXkzGsf0o_xptEFRN3pP05aovNDFEy0cAPvJQtjObTGXJhMikJBbgOEVU9TDeZYdJOtf49iBI3YmjjfJs_xbQhUjIDeJBJNqsV_wXWDysuyBHduUCqNT5B4secBZuYA&cid=CAASBORorLE&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 15:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
35451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 15:55:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D86E
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiLTwbFEmhIkhTuMwGghgCQTbc-sQmRkPU5RTUs3ZPsaxL2uDPXxCH2CR67hmXoXJb1Xqen71zL7ET_LqCzPZFiv84XSOaPwGEfKDLjaV6-jv5DJrYejpwRZfnYEf7C8KEBUi3hHXe6ImVT1gOPX83GJmaYEC7pBLAaODc_ZuAR1s6NRcYXWI-oDjXKns_E8EP3NPjkZi8qRxxwEYXLzu36Tts-4fXYuB8k1SwjdW1xVSE6NUfm9VWPsoMH-Pu7kyuDHvYxkveA-qFKDB6JHQ-7pIv9u1Ik4Hc77AGPwBlBGLXPTdIpj91WxEWASFMRcniZx7eP0noe5-SJwNlqhWQFxbIHsBhdlz9gXVRtiIt5ZoLfX7WbQqgUT0i5zNX7YYmp5fQ2TsFGnuZZ8szBgiJlYtCgT_t6TZcOaqtt9GSklHQx8uAM_w9_iSNFwrJmONl7JKnEg-E5LPWMLddIokfzfVETz08DYsMmxqeqSnuXJ8OaiugJEILtNIYxmxMSrQE8X6Euly9J41F48p2B7W2IOiVqQJJNPfR3f6zwfpOK2tbq-cWTI4oUvGaHHWt-YZV6XLaCRYfRAbUrp1tFEKmxTrQMNetuodaquB3pYxHcHhtGb9JMgxcQwkuXO9k7GYdcEVeGllWG4aywCEnlUZL644YkGsZ-kIyH3k3VchpW3JHe7AmqyxkDnGhaiZgnb1F98GCRX5L1VjBydeh_Do69cRtA_1SpKQtcc59NezEcfFJdQyZlJWJfquvDySzlxsIDyh5HqTPpcvlUsCEgd1U1zKwhgk2CMMt_E5_MeItwIe8-NDQljPPTYp8GmTTwYD7ln5dMRlAju5_UnAOoXEWbNHdFCbgxSciJaroAOs6JofUV9pszTL0ww-Ts2owDz84NRsN4ZQgehizVfSaDzJfRqTlQu3DqM-EBKh_XnCF1PMNpZ9emthy_JhlcWI2oq60A6zmRQSR-gZryIWucmHR_5GC139F32Uuh1mwQA8-jwA5oQRxvIhglgujP5O4Ij3Dl_tnT_Id2dgVt1lykHiLir9u-XUZhtE6JaIUFxRkHaMerWOBnA-JcbewZ82sppxc7j9ssFpmBs6-Na9ASiiG8tZr9p5iQ2-FirtxQf6YrlaCEOuoaH1C4XZx6hobDt3KYCcoIL9V_ycU8ALhpVJmg3_tDge0HpnQ4g&sai=AMfl-YSYZmhzyEgWdT5cLYGl6RgUJHEEDhNUiWWNfGh6H1XOQQdFFvWmqQlINqdz3YHlQAKgtOvlaSUELf-7hNmt0Fg0pmYWpiqAF72oV5ahyy_83UqDiNi3FZlqj01U7iqvFZvqYnTdOQ&sig=Cg0ArKJSzGkNaSBMAnb6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=2&dett=2&cstd=0&cisv=r20221020.66282&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTX_Rgm9AAtawOloYOFr-rJBfnZhTWzXQ4q5CKR6hDWb7XGpHNtWZ7Y0Tyok7KhqYiEV05vaUCwi65_3eJ4OKWCgDLU54ofmAWFkERDHASUQOciqebVglgoNr4ES5C8UAV2xJRhl326KDLtN1_VI0B_UTOTazsw2Xni6t6q3rmPm_OY4k&dbm_d=AKAmf-BKtUJEu5hbjxWK-yZRqi1x-6ynMkTokLgp22LWq-M97PCxn3dF-EANwxE3Udib2oWgjpr7nKEdTbhMN_zhQrlfp0272E7Xp0w5VfS7zGJ91rdr4VXLzqSyXtonkkv-7kqQ82uMRhZM2dXmAkT0o5dRvmFDSS_AXg1xkusZFY7rgI9pNfUVSY21UyMxLNF-N2RwHfrRDhDOtT4d2BRVjAx_Dgu_rt-lmVnvYlGg4Uz9rswhd57n2A23QB8SkSfy_3eA1bqVUARvNGrYRE_UA49_8m9WCW6hJEPXzty0QCKSomjmnY-1eARSvWYu1rQaA1fU_1XrIYujc2Gf4wZih4DzbNvjN1Jyq29bDBUlQZiVUSE7_iqvrcUqYzx_y6L0nAXEWJ47YYvJetruE1cfgMAEbe0McD14ojpnYvX4fko289Fj7HN4GNSgO6x9Trpd4M9heyZ9apJd8jTW_WbTCntzuZy7hSMdNEtG3Fd3BboK6ylDWs6Huid0WBVQKDqVAc1ySQ9xdDy3XNZTZ4f7Pq0elW2USoV7Ch0eY2yXptNs0DW9JCKK2jIDrmFs381Gv2YdGOZ7PTUx63hQQAa7dtl5FZaiCTB3M6G3rjeRatRXiMOhUjLljN1ctyeIFbaDmILREUMR0dS0pZ3ZBX_wBnedfm89uflBf9b5uT_veez2_8vkBACdbGzK63EveJiDrcn2qGAFEqWHtsJUQ13aF2KdboWJD4o85bhHJjEG_pTEn2KDaroJWQvPYRVJcmSR24uInp_lGNzqrr69MVoUgb5Isb8ef-vZGdabV9fwGfTkksCsywrGNyQUENdSwaXDGTJhpXA60r0j-sNbAXvOJZ2pBDpTqbwYdCh6C_OwrMgVL9ED8-1WLk2TnWFlHur_5oSqYoXI37TcRjcgRKUth29t8u3cVYtbD6oITvUAGFot3T6RkaUYS6un0_P1Ceq20_qxriiJMbJXScTW1EMS90rtwQ49YQSOF9gy0my6wjvoSd3KygwKgvSzURrBroZivpO3RYN1g7o0Ii4M1cEpPRzBlkTeKeIPml1PjKBhAPpbm8EdZ3DR71aWRSNhf-zqf2J72eP72gcNJxbckV6jGVetYaW0HjY5hv8_Td4gqgwNeqMrISsgeCGkkjaUC_CAdGRr9m4JlOhdXfhrszzP9FhNAGDjlXqpsep_LEapNc5zmmtFpWDdwXYn9W8vZRuku-Pvci6Wkqt6F19_c1HOZP7g-UfcBPbuh-YKz_QwB7kEe9v5_d805fU3uRpOO94ypmVu9Tij14pujq3ioAJNsjmYgOiHpx1l5K4qglW0HLFSSmrtNS7H60stOlQE66Ka4obVRCeneBSVTHkY8IMnUBUCzVAGkr_pLe4H4m68_TkGr3y9ULFoLuJ9wbOnMOJWDUzR2xO6qSRncooM-tuctQXI6kQt6l5uDRVLc3HjvmNK5zr6BH1ghCNKjYufmpf4kGXy4LVYV8XniHpXOFATYe6JrHZralZquxpjztvxujWS1CfErpPjIQD5vANqJ4Y_OwMOnI0JdlOBJ_EAlrFZlnFcGwNshR2l5Y8fLL-YUa1IvpE97KLZgs-6gC43CVBpQKp2Ori37dvyquFacOCUiKc9cPjkRcPNhui57rBrJnLqqB99jPgFFenKsEALohMHL5DLZuEBvGdCMHtP-5gMWJ5rOOm390CXOSJKLhpW8ncL9aevpDnla1WpXses81_wCGA2mdwcGIhTQ4AYshtA_kEMXEgYFrAdXQ_WbIMGc1ujPr95mvntOP3w1DZpQPTp3pyYJwSLNZmt1ldV9czl0ZN6EizG2CZp_Oo9Dj_Xq8TMbMnZ2OJOEl9PRn_KdSLHOAuwUErWt8zSNheRR6thVqj5HzLPtwT-SKmIwjNT_upeT3qjkgg7Zzp06RU07l4DCA9XEV83M174wj6aTvgUEZ0QLfW0plqTAi5xAqOfTLyMGaZa5OGTrfAWlEtah02y-Zn74MbiRF1A0QrSWKimr3AdMnHkGiWDUg_4NjP_3cMR8wzgaCVDrRqhCv7GEv734SY-S_S8ccFC9cMjSzCuCzaBCauoxH4ZY10OlC0QwpozgzU6hcZ3ClUxi51N2u53oJE1s_gyORx2LazFXHeQzX9V8h59YoVWv2_RFusm03_6qi0FpFDoD-2U51PQgPD3BDw0eWqaiMPGNYiFD8Nf7wjpDboAXPWggSsnoK0sjFSmwnZSkXcv_vCXFnogOIME-chMwpQxUe3O5hXKEERKkMsEWUyVEbRAVTisfVJexIwbPffGhZDfXUEpqTOmniWa78meAaRJfA6LzvIrvWfHS4YfA9QlaJDcrahrRc_pTBAZwgKlBeqp0P60zVvFqHvSAXvtwvAyNSMglXY-_M4741_MFI0R0k4RR25SAbOhgc9znfLMQC2t6Ei95fE3EIQ8YxNAQaercbPzRs2bBP_kGauIeuOM_YCkIqFSgaPnUtjV3sWpsyK8EfIJbrVkIXl5XPdSqXi1W_YkhICRHlPx6Z1AI1K2lqxwyowNSOzngI135Yr_jVIiWO6q__22Pyj9d3sW6-WWf0NRXtgRRW9NhEeDcXaycwH9MadWExkOpMmzV5hB_NmQZ5uUSozJd09KF5uPQgx3fulu8aQn8RfY8xkpHRqc3fPYswPvJt6wWtKArLHt1TxhdOxhWCHoI4QXiga_d9qWGndVmDP3QDuNPjJGgeKn-Tb-nQyMtpZrhjugvuXJBPSNjhR_lE0CD79W1bfbReSRpW7NANLGK58W0jVB6t_1-nV7Gw-j9ZPLlJUHp514q2bInx0T52TVeOQZ6ACjfzc21mBMkREwZx3MWfXUrpr8VNcLwjZGBDd2c_dahonjFHv07p628YgPNtNijOFdztcF0Rk14MNNhTy8BiqdBAWIfj113haXZBz6dwj0HuLtNdP-nl3JpyH27zooeqjyBsj5703Ko5XxZTR2n2KAyY5k5K_9lkXNVFdR8eBAeIj6lDITE96qBzdnt_k8kLw6F_6wMhX6gKRxPHjkhag98jMKuK43FsDKnMV98Q-Y4IPm8W9Magj-gczUCPbtC0rII4xOnBzgUwfDf3yHccGqAON6_4cCXkzGsf0o_xptEFRN3pP05aovNDFEy0cAPvJQtjObTGXJhMikJBbgOEVU9TDeZYdJOtf49iBI3YmjjfJs_xbQhUjIDeJBJNqsV_wXWDysuyBHduUCqNT5B4secBZuYA&cid=CAASBORorLE&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 01:46:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ul_cb/ Frame D86E
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=2761373626&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973557&pi=340359205&ad=532399291&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_1866205...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=2761373626&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973557&pi=340359205&ad=532399291&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_1...
43 B
573 B
Image
General
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=2761373626&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973557&pi=340359205&ad=532399291&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_18662058859_432965319$$&viq_did=&pt=i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=215&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ixrnP76VNS&p=https%3A//qa.elbwaba.com&dtd=218
Protocol
HTTP/1.1
Server
3.126.26.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-26-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 Oct 2022 01:46:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=2761373626&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973557&pi=340359205&ad=532399291&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_18662058859_432965319$$&viq_did=&pt=i
Date
Wed, 26 Oct 2022 01:46:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
truncated
/ Frame D86E
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06b0bf970913e1db3b38f4bf598d80972cc46169964a0c9879c1e5100750e6da

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame DE4C
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 01:19:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 01:46:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame DE4C
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:31:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 183C
624 B
299 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARili7rOATAB&v=APEucNVm25ewBXxzqHm5Lzckz4O6coXN1-YyH3bLQNe0GiNxm9Qszx4fx1dzW_tLeh9F-a7MQOMarC1YI-Q8kxMXwb20EQnejO_Pf_yQHtfhmaRrEj0wlj7uJx9oKvbSY2FTeZ9ShrZ7w8_Lgarc4m6OEbKT7BnpApbcCxJE5labSr_ChUijC2I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:50 GMT
expires
Wed, 26 Oct 2022 01:46:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame ABB2
49 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BynCEmGV-hCUg7O0qqzbsVoFYaUh_b8K58WQ7jhg3kQ-2rQoQHCJ5ALPXF9A-q603wR7cu4ofG9cm0cdt6Ckqsj7qX4e-gvgpL2nhgseXpFPbN9ZaLclDX0qUVBFSQEe0NSXKoamBxGl1FPFVsPCJTNMv7a3GFjRJ_Lm4dFOg7Yomfv34&dbm_d=AKAmf-B5JUkJEhY_oSxlM4KUlrTlsRn-RBGGp5Kbj2m95wgcGnWPKQ493mV0XZqzV-gA-ny-QLCQIX_AFEgZSK3SKiA5Qz-GUY1VCStD242i9SATEH-Pi6zJcTQKJtalXAaPTkOB0bv65EnFnVDXeU5B0i8Q19qS4uKr0hbAu9VNa1ahqBOw8mz0YtfsP1dKkEAHouVBJIKHfkHKjpSuB-RPU7a2_O4b4gGEQ6RLo1XNXFd_EQqmcZDaJsjo1LDjkL843-fS9xmtN_syr7ge1burZISNEWsTwYamUfyEITpg5RrofGZF7hRbVLgz0j6EO73oknT9aoPbderssOGnRE36PpJULP-LKlwWtJvqyD4vKIA5sNtoB7DUGqsiPmmiEZ6Iv3iFrfWYwz6XXwHQH96moHKnoEXhQVOo1zexPhBfjnM-EoI_SyK3NZPZ1gThJ9LE8tJ6gyVypRGU0IbubHpSkccPRKsOOGhFIXxhVAqNRcci7JeZqommOGQfg3LGkUukIaUkOoTz5SxIawXGDhyOSei7BEzj3yRRGo4t1JlRVuzEL5TYjwYItgKVk9VBZT1MAFh4whUvsvygOk1jALi8vHvucuwD4JV_uPmI-ptQm4iLVqm_y6qGtwqd7iFlOAdTzHOiQDkLMAIZterpPoFBx_pmNMFNJ3nmtNmvbWfzbT6qY8Jak1ycTTPdvU1SGYkHsMgeS6dAPcvUoYmJCrRnJdDBOit0PeaPOXsQnZkn8lwV22fPe6Nw68YidpvoyXxw_nfLAxnuXlPNO-z9XDcRXV2nU8dYO1MW9G3t4HfzE8YwDXUTgk_CdLvUhBlzm9Uy9b7Cmh5WxpQpSMRAMAL72RlwX1iH_hPDhu3pj4f-ZGOS2Zd2w2zzzk81Rpmt5IzgjPPbxdmR2Yyz7adAYXDj2Rb11aBSbf2s9nHDJUpMqodl_NTeyp8aRXkV47-oOn0AIy4YxqQPHOdyUaYldfohzWOoFbpcf4GwF7e7tEPByEAvUqtTPQMSXBu6-R17wZP8eZ_B12aPBqbOkLh1rduGJhEZWWPdCYaJxKe-UqZlXuYLFZHZVhaNgeFCpFnCRPGEaKOaARepit9nvGZuOtzY-jsuxhv0WQZEWWHOI7HtZ6LWNS67ke6RsRogIUR7CUjOeeEKC155zcE48sT1AkqCw98TX0AWlAYz-Fp76LkCsrhaI_otrUCkJ9RrlV3EF-1A2VOuf3xC2N0VUc6Pt-ajaGtHUsCPBoX3LigD_Uv9Bpy0u-6JsDZlxSDSTVNPJxnuvcwxHFW5Y85eRjuR2g5eVqOZT6ui1fYcDqERkXNAyn8yd-mUiwMt5RCyX2zneHaa1lzsHyjLfqkOTn-5lVbxPiFPL9XTRhAmfCy5Di1czKcHyegH5vO8y3fvf2TGHOJBSnHJ0CONIIECaZhiu5TJ3YufJfGs0fxcCVDr9cLW91dQ_FbFZxySJ_NBaGl8sxq1SeOy6xISBG-heYE_8xVuPVr1ZALcV1cwSMIWqGNFMFF9W-nNEQimVgpjj0pfHUKLpB78YtUAz5cMUnBC2nfSdURJ-lUB81lumWr11LF4CxMEX9dthvdDu2S3ZrNVraf2fi0HXdXWb23iH8WeovwgnO7F1hee5DUPRIAwNofvEGK0tSGlw7917xk0wPjprv6JXfsraj0iffwXkVdYvWu00iGkr8llwENXhIuNCHlVtxtgomaSiarpHZyel3p6QV-3ykg6nWmFHmy-EOb0kaC_2ZM6Do_064Gfrd_9lan7GC-m1ZFcw5mOCv4dXkfoKl8Urhh-tP8qoYZmSa6ybwfFFpQzNW7oXBgxmiSYKDgsh6Zu-34ZLZsmMB9hPEWMaIu4hW_mvZ0Qlhs2QdLR-S_64IyJ0NSOmQHOfEZmcoBuTNfegyJl6q2AmAtAUnFFl9UD8dFuSM37xsfBUxJss1EA98RV0Wz5ROWSk0WTYkVX3HeNE41RGeFUQltd1N7i42aAKaNFJLiLIL2wmXkWALWyv-TYrUyUw2Vil7KxKQydvgWcI1SwPp8eP673zSW6rSXQfeqeBHP2PGRKRkpZ2FFaTpKN9YqukMzPYksu0v3nvbHExHCRmnxTVgWQjiY9ZFAuJVBZmuYEKrUPfTL3qyzW-n8mLOn8C282SYTCHZZAeyYO650Kent5mW_0mIVw2psDRs8TJXhTuYlqln4Tz6sMB0RwIDuFMlgCOsA5ZXt5h7ij-lu9UuTr2Asx10QHIqMPb4zMDHlgZgUGJwVYER_uPnWaj77efoEYxbq4-yLqZ1zkZnDlX5zoXNjRPwB5P10CbBmuRbOPQiCDbT2DkMDyS7RS7mAtRGt0XXO-a_VF8xXzL3n2HcBiU93SrMDzfKpiLsHc6IYv0cqDlF3o0ZR3p9EQ9CTLjP1_O3CR0Rel2UDryxGSt8J-wIponcUJsmgQEOpTHqLufNGEywEQQqR0I9LvDYvo2PcRNM4cqwjg4RtlwUzGviTHH0NxamQOdvBS_W2XAZqQFlMqrnTlRWxITVRvO0f6WlV8Z0gS-bL25SPD7oDXspwF_BANg6zA-SFcTyAeBwmzc075ny3wAaoCQR0XlRVPVzk5rln1rcox9R7xX2WfTwvu0BEZhjQYJNPuJ2cxf73EfyGPfV3oAVvLcsoRwyPnhHyX_-k0giUCL0Lhfvxaao0HyeAI6LP_v658dNgbArneUyfQTHfih21e-N7QLclQKbWNEKvCXxU6qssHV8UoNjI2x3LPqqTXkFZCmMo5gvz5Pt0e3xfksxwveixZgss3oAgNSYU29cpXdK_o8PPqtQN1lOmeyEZQyZyOdOfdqUkafp6oFaqplusfk-CIPtv0Spzk4FmvK9KTeWKSgI2DF1Yjn7Ux_A5AZvMVePPk7BmUrL-LUPKFZvvqt3a51hIYHzYZ_aD0E43a8JD4EJwObK-tsCBVNN5vy1q8q3DRGmewle-m5ms6R4KvCCZXXlPQz1sI4VQMN4oe-YbbFoRKplM8sh75B8haxR20wg5qNhJDPBNYIaqnJWX3vrZImtMbxw&cid=CAASBORoNR8&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Requested by
Host: www.nusoulhubradio.com
URL: http://www.nusoulhubradio.com/wp-includes/SimplePie/Parse/wp-mail.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be378e16bb62713627e57596358979d927130970704550aad75847be7bd99707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20868
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame ABB2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 20:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
19847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:16:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame ABB2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ABB2
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:46:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ABB2
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BN8_EtdZnwpmwYua2XkbTtgDdGD5FiNQy8xiVZrSYCayoha6R7Jjz3R9RIh-8oC9ipJsjw8rBuqro1gSkmRDQy-cMk6QJxswg9m8IBS-WYuQhrn-s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DE4C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSGVSiZFYY7a8KM-L7gO95pWYBu6boYZtwPzOwvsQ69mCwo0OEAEglKmohAFg_YKRhOgRoAHv8pyZAsgBCakCSz02vn62sD6oAwHIA8sEqgSKAk_Q2vzHdupnrfn__HlttWFX9gR1upDx2Ga2GD8RdnVIU3rZNcxeB2deTebOKUb-8tDxUAtoVtkD5XPMTrrZPCiWyOzW2yGIn85fxhao4Kt149wH9xDv54RvR3JqO0n1U_a0cBD-oqCt9WbYgfUGjdCEQn58jiEIgTfSX2foJHEYrlLhz9Kdw21C1XTihT43tBWPYAUJY904AxMH-Q7Yy04MzxvqVvLnpQspoh4V1CxyH6nVk4TuzwE8w3JTF9kvSfCOjIftRq3e73SVOAtWzByRMaOWHPEz9i8BNmTjNiHKUlqDQs0BgpYzADybc8olpwmOxU8EJCcigNlXTeHHRK1WeEJnKdPMLGMbwATiyPG3kgSgBi6AB_mM4-YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3NsE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMD0BUBgBcBshccChoIABIUcHViLTExMjQyNjM2MTMyMjI2NDAYAA&sigh=_9UBYhieD3E&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 01:46:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame DE4C
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 07:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
64831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9257
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 07:46:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame DE4C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 20:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
19847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:16:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame DE4C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE4C
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:46:50 GMT
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame DE4C
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13940
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 17:30:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 00:51:45 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/7530759539068052486/ Frame DE4C
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7530759539068052486/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa20017aa51659257caa1474652600099eaf16ca50ac5078ce3b02af2109f45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:23:57 GMT
x-content-type-options
nosniff
age
40973
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41134
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 10:17:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 14:23:57 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14199496958421607577/ Frame DE4C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14199496958421607577/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da2a6d3458fb733ddfa537872a2861e52a5eaebebef3fdad52c97cc14209dfc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:23:57 GMT
x-content-type-options
nosniff
age
40973
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1888
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 09:05:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 14:23:57 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d6b2361f7519708dee4ffa6f347ca978e36c9daf41a8f777d46e65949084ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52375
x-xss-protection
0
server
cafe
etag
14360739910669482613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 01:46:50 GMT
rum
dsum-sec.casalemedia.com/ Frame 183C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARili7rOATAB&v=APEucNVm25ewBXxzqHm5Lzckz4O6coXN1-YyH3bLQNe0GiNxm9Qszx4fx1dzW_tLeh9F-a7MQOMarC1YI-Q8kxMXwb20EQnejO_Pf_yQHtfhmaRrEj0wlj7uJx9oKvbSY2FTeZ9ShrZ7w8_Lgarc4m6OEbKT7BnpApbcCxJE5labSr_ChUijC2I
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 183C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iRioyrNxB-f6WzNWXOPgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARili7rOATAB&v=APEucNVm25ewBXxzqHm5Lzckz4O6coXN1-YyH3bLQNe0GiNxm9Qszx4fx1dzW_tLeh9F-a7MQOMarC1YI-Q8kxMXwb20EQnejO_Pf_yQHtfhmaRrEj0wlj7uJx9oKvbSY2FTeZ9ShrZ7w8_Lgarc4m6OEbKT7BnpApbcCxJE5labSr_ChUijC2I
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhnyD7mO7hFjXzDpuUNIaQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 183C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOlqAKuouAMtXeVeqv-Gapg&google_cver=1
43 B
1019 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOlqAKuouAMtXeVeqv-Gapg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARili7rOATAB&v=APEucNVm25ewBXxzqHm5Lzckz4O6coXN1-YyH3bLQNe0GiNxm9Qszx4fx1dzW_tLeh9F-a7MQOMarC1YI-Q8kxMXwb20EQnejO_Pf_yQHtfhmaRrEj0wlj7uJx9oKvbSY2FTeZ9ShrZ7w8_Lgarc4m6OEbKT7BnpApbcCxJE5labSr_ChUijC2I
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
AN-X-Request-Uuid
3a00fa83-a39e-44a9-9792-835c5262ed0a
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
192.145.127.221; 192.145.127.221; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOlqAKuouAMtXeVeqv-Gapg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 183C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzU0MDk5NzczMDA2NTE0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzU0MDk5NzczMDA2NTE0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7oOP_ARili7rOATAB&v=APEucNVm25ewBXxzqHm5Lzckz4O6coXN1-YyH3bLQNe0GiNxm9Qszx4fx1dzW_tLeh9F-a7MQOMarC1YI-Q8kxMXwb20EQnejO_Pf_yQHtfhmaRrEj0wlj7uJx9oKvbSY2FTeZ9ShrZ7w8_Lgarc4m6OEbKT7BnpApbcCxJE5labSr_ChUijC2I
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:46:50 GMT
AN-X-Request-Uuid
ae80a8c1-3db6-4cdc-9b92-da76bb61b25e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzU0MDk5NzczMDA2NTE0
Connection
keep-alive
X-Proxy-Origin
192.145.127.221; 192.145.127.221; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
player
realtime.clinch.co/video/player_v1/ Frame D264
9 KB
10 KB
Document
General
Full URL
https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BynCEmGV-hCUg7O0qqzbsVoFYaUh_b8K58WQ7jhg3kQ-2rQoQHCJ5ALPXF9A-q603wR7cu4ofG9cm0cdt6Ckqsj7qX4e-gvgpL2nhgseXpFPbN9ZaLclDX0qUVBFSQEe0NSXKoamBxGl1FPFVsPCJTNMv7a3GFjRJ_Lm4dFOg7Yomfv34&dbm_d=AKAmf-B5JUkJEhY_oSxlM4KUlrTlsRn-RBGGp5Kbj2m95wgcGnWPKQ493mV0XZqzV-gA-ny-QLCQIX_AFEgZSK3SKiA5Qz-GUY1VCStD242i9SATEH-Pi6zJcTQKJtalXAaPTkOB0bv65EnFnVDXeU5B0i8Q19qS4uKr0hbAu9VNa1ahqBOw8mz0YtfsP1dKkEAHouVBJIKHfkHKjpSuB-RPU7a2_O4b4gGEQ6RLo1XNXFd_EQqmcZDaJsjo1LDjkL843-fS9xmtN_syr7ge1burZISNEWsTwYamUfyEITpg5RrofGZF7hRbVLgz0j6EO73oknT9aoPbderssOGnRE36PpJULP-LKlwWtJvqyD4vKIA5sNtoB7DUGqsiPmmiEZ6Iv3iFrfWYwz6XXwHQH96moHKnoEXhQVOo1zexPhBfjnM-EoI_SyK3NZPZ1gThJ9LE8tJ6gyVypRGU0IbubHpSkccPRKsOOGhFIXxhVAqNRcci7JeZqommOGQfg3LGkUukIaUkOoTz5SxIawXGDhyOSei7BEzj3yRRGo4t1JlRVuzEL5TYjwYItgKVk9VBZT1MAFh4whUvsvygOk1jALi8vHvucuwD4JV_uPmI-ptQm4iLVqm_y6qGtwqd7iFlOAdTzHOiQDkLMAIZterpPoFBx_pmNMFNJ3nmtNmvbWfzbT6qY8Jak1ycTTPdvU1SGYkHsMgeS6dAPcvUoYmJCrRnJdDBOit0PeaPOXsQnZkn8lwV22fPe6Nw68YidpvoyXxw_nfLAxnuXlPNO-z9XDcRXV2nU8dYO1MW9G3t4HfzE8YwDXUTgk_CdLvUhBlzm9Uy9b7Cmh5WxpQpSMRAMAL72RlwX1iH_hPDhu3pj4f-ZGOS2Zd2w2zzzk81Rpmt5IzgjPPbxdmR2Yyz7adAYXDj2Rb11aBSbf2s9nHDJUpMqodl_NTeyp8aRXkV47-oOn0AIy4YxqQPHOdyUaYldfohzWOoFbpcf4GwF7e7tEPByEAvUqtTPQMSXBu6-R17wZP8eZ_B12aPBqbOkLh1rduGJhEZWWPdCYaJxKe-UqZlXuYLFZHZVhaNgeFCpFnCRPGEaKOaARepit9nvGZuOtzY-jsuxhv0WQZEWWHOI7HtZ6LWNS67ke6RsRogIUR7CUjOeeEKC155zcE48sT1AkqCw98TX0AWlAYz-Fp76LkCsrhaI_otrUCkJ9RrlV3EF-1A2VOuf3xC2N0VUc6Pt-ajaGtHUsCPBoX3LigD_Uv9Bpy0u-6JsDZlxSDSTVNPJxnuvcwxHFW5Y85eRjuR2g5eVqOZT6ui1fYcDqERkXNAyn8yd-mUiwMt5RCyX2zneHaa1lzsHyjLfqkOTn-5lVbxPiFPL9XTRhAmfCy5Di1czKcHyegH5vO8y3fvf2TGHOJBSnHJ0CONIIECaZhiu5TJ3YufJfGs0fxcCVDr9cLW91dQ_FbFZxySJ_NBaGl8sxq1SeOy6xISBG-heYE_8xVuPVr1ZALcV1cwSMIWqGNFMFF9W-nNEQimVgpjj0pfHUKLpB78YtUAz5cMUnBC2nfSdURJ-lUB81lumWr11LF4CxMEX9dthvdDu2S3ZrNVraf2fi0HXdXWb23iH8WeovwgnO7F1hee5DUPRIAwNofvEGK0tSGlw7917xk0wPjprv6JXfsraj0iffwXkVdYvWu00iGkr8llwENXhIuNCHlVtxtgomaSiarpHZyel3p6QV-3ykg6nWmFHmy-EOb0kaC_2ZM6Do_064Gfrd_9lan7GC-m1ZFcw5mOCv4dXkfoKl8Urhh-tP8qoYZmSa6ybwfFFpQzNW7oXBgxmiSYKDgsh6Zu-34ZLZsmMB9hPEWMaIu4hW_mvZ0Qlhs2QdLR-S_64IyJ0NSOmQHOfEZmcoBuTNfegyJl6q2AmAtAUnFFl9UD8dFuSM37xsfBUxJss1EA98RV0Wz5ROWSk0WTYkVX3HeNE41RGeFUQltd1N7i42aAKaNFJLiLIL2wmXkWALWyv-TYrUyUw2Vil7KxKQydvgWcI1SwPp8eP673zSW6rSXQfeqeBHP2PGRKRkpZ2FFaTpKN9YqukMzPYksu0v3nvbHExHCRmnxTVgWQjiY9ZFAuJVBZmuYEKrUPfTL3qyzW-n8mLOn8C282SYTCHZZAeyYO650Kent5mW_0mIVw2psDRs8TJXhTuYlqln4Tz6sMB0RwIDuFMlgCOsA5ZXt5h7ij-lu9UuTr2Asx10QHIqMPb4zMDHlgZgUGJwVYER_uPnWaj77efoEYxbq4-yLqZ1zkZnDlX5zoXNjRPwB5P10CbBmuRbOPQiCDbT2DkMDyS7RS7mAtRGt0XXO-a_VF8xXzL3n2HcBiU93SrMDzfKpiLsHc6IYv0cqDlF3o0ZR3p9EQ9CTLjP1_O3CR0Rel2UDryxGSt8J-wIponcUJsmgQEOpTHqLufNGEywEQQqR0I9LvDYvo2PcRNM4cqwjg4RtlwUzGviTHH0NxamQOdvBS_W2XAZqQFlMqrnTlRWxITVRvO0f6WlV8Z0gS-bL25SPD7oDXspwF_BANg6zA-SFcTyAeBwmzc075ny3wAaoCQR0XlRVPVzk5rln1rcox9R7xX2WfTwvu0BEZhjQYJNPuJ2cxf73EfyGPfV3oAVvLcsoRwyPnhHyX_-k0giUCL0Lhfvxaao0HyeAI6LP_v658dNgbArneUyfQTHfih21e-N7QLclQKbWNEKvCXxU6qssHV8UoNjI2x3LPqqTXkFZCmMo5gvz5Pt0e3xfksxwveixZgss3oAgNSYU29cpXdK_o8PPqtQN1lOmeyEZQyZyOdOfdqUkafp6oFaqplusfk-CIPtv0Spzk4FmvK9KTeWKSgI2DF1Yjn7Ux_A5AZvMVePPk7BmUrL-LUPKFZvvqt3a51hIYHzYZ_aD0E43a8JD4EJwObK-tsCBVNN5vy1q8q3DRGmewle-m5ms6R4KvCCZXXlPQz1sI4VQMN4oe-YbbFoRKplM8sh75B8haxR20wg5qNhJDPBNYIaqnJWX3vrZImtMbxw&cid=CAASBORoNR8&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.12.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-12-74.compute-1.amazonaws.com
Software
clinch /
Resource Hash
a4ee591308213320b3483e8d7e904935fc3b71b0acde743c7409973600caa1cb

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 01:46:50 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame ABB2
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BynCEmGV-hCUg7O0qqzbsVoFYaUh_b8K58WQ7jhg3kQ-2rQoQHCJ5ALPXF9A-q603wR7cu4ofG9cm0cdt6Ckqsj7qX4e-gvgpL2nhgseXpFPbN9ZaLclDX0qUVBFSQEe0NSXKoamBxGl1FPFVsPCJTNMv7a3GFjRJ_Lm4dFOg7Yomfv34&dbm_d=AKAmf-B5JUkJEhY_oSxlM4KUlrTlsRn-RBGGp5Kbj2m95wgcGnWPKQ493mV0XZqzV-gA-ny-QLCQIX_AFEgZSK3SKiA5Qz-GUY1VCStD242i9SATEH-Pi6zJcTQKJtalXAaPTkOB0bv65EnFnVDXeU5B0i8Q19qS4uKr0hbAu9VNa1ahqBOw8mz0YtfsP1dKkEAHouVBJIKHfkHKjpSuB-RPU7a2_O4b4gGEQ6RLo1XNXFd_EQqmcZDaJsjo1LDjkL843-fS9xmtN_syr7ge1burZISNEWsTwYamUfyEITpg5RrofGZF7hRbVLgz0j6EO73oknT9aoPbderssOGnRE36PpJULP-LKlwWtJvqyD4vKIA5sNtoB7DUGqsiPmmiEZ6Iv3iFrfWYwz6XXwHQH96moHKnoEXhQVOo1zexPhBfjnM-EoI_SyK3NZPZ1gThJ9LE8tJ6gyVypRGU0IbubHpSkccPRKsOOGhFIXxhVAqNRcci7JeZqommOGQfg3LGkUukIaUkOoTz5SxIawXGDhyOSei7BEzj3yRRGo4t1JlRVuzEL5TYjwYItgKVk9VBZT1MAFh4whUvsvygOk1jALi8vHvucuwD4JV_uPmI-ptQm4iLVqm_y6qGtwqd7iFlOAdTzHOiQDkLMAIZterpPoFBx_pmNMFNJ3nmtNmvbWfzbT6qY8Jak1ycTTPdvU1SGYkHsMgeS6dAPcvUoYmJCrRnJdDBOit0PeaPOXsQnZkn8lwV22fPe6Nw68YidpvoyXxw_nfLAxnuXlPNO-z9XDcRXV2nU8dYO1MW9G3t4HfzE8YwDXUTgk_CdLvUhBlzm9Uy9b7Cmh5WxpQpSMRAMAL72RlwX1iH_hPDhu3pj4f-ZGOS2Zd2w2zzzk81Rpmt5IzgjPPbxdmR2Yyz7adAYXDj2Rb11aBSbf2s9nHDJUpMqodl_NTeyp8aRXkV47-oOn0AIy4YxqQPHOdyUaYldfohzWOoFbpcf4GwF7e7tEPByEAvUqtTPQMSXBu6-R17wZP8eZ_B12aPBqbOkLh1rduGJhEZWWPdCYaJxKe-UqZlXuYLFZHZVhaNgeFCpFnCRPGEaKOaARepit9nvGZuOtzY-jsuxhv0WQZEWWHOI7HtZ6LWNS67ke6RsRogIUR7CUjOeeEKC155zcE48sT1AkqCw98TX0AWlAYz-Fp76LkCsrhaI_otrUCkJ9RrlV3EF-1A2VOuf3xC2N0VUc6Pt-ajaGtHUsCPBoX3LigD_Uv9Bpy0u-6JsDZlxSDSTVNPJxnuvcwxHFW5Y85eRjuR2g5eVqOZT6ui1fYcDqERkXNAyn8yd-mUiwMt5RCyX2zneHaa1lzsHyjLfqkOTn-5lVbxPiFPL9XTRhAmfCy5Di1czKcHyegH5vO8y3fvf2TGHOJBSnHJ0CONIIECaZhiu5TJ3YufJfGs0fxcCVDr9cLW91dQ_FbFZxySJ_NBaGl8sxq1SeOy6xISBG-heYE_8xVuPVr1ZALcV1cwSMIWqGNFMFF9W-nNEQimVgpjj0pfHUKLpB78YtUAz5cMUnBC2nfSdURJ-lUB81lumWr11LF4CxMEX9dthvdDu2S3ZrNVraf2fi0HXdXWb23iH8WeovwgnO7F1hee5DUPRIAwNofvEGK0tSGlw7917xk0wPjprv6JXfsraj0iffwXkVdYvWu00iGkr8llwENXhIuNCHlVtxtgomaSiarpHZyel3p6QV-3ykg6nWmFHmy-EOb0kaC_2ZM6Do_064Gfrd_9lan7GC-m1ZFcw5mOCv4dXkfoKl8Urhh-tP8qoYZmSa6ybwfFFpQzNW7oXBgxmiSYKDgsh6Zu-34ZLZsmMB9hPEWMaIu4hW_mvZ0Qlhs2QdLR-S_64IyJ0NSOmQHOfEZmcoBuTNfegyJl6q2AmAtAUnFFl9UD8dFuSM37xsfBUxJss1EA98RV0Wz5ROWSk0WTYkVX3HeNE41RGeFUQltd1N7i42aAKaNFJLiLIL2wmXkWALWyv-TYrUyUw2Vil7KxKQydvgWcI1SwPp8eP673zSW6rSXQfeqeBHP2PGRKRkpZ2FFaTpKN9YqukMzPYksu0v3nvbHExHCRmnxTVgWQjiY9ZFAuJVBZmuYEKrUPfTL3qyzW-n8mLOn8C282SYTCHZZAeyYO650Kent5mW_0mIVw2psDRs8TJXhTuYlqln4Tz6sMB0RwIDuFMlgCOsA5ZXt5h7ij-lu9UuTr2Asx10QHIqMPb4zMDHlgZgUGJwVYER_uPnWaj77efoEYxbq4-yLqZ1zkZnDlX5zoXNjRPwB5P10CbBmuRbOPQiCDbT2DkMDyS7RS7mAtRGt0XXO-a_VF8xXzL3n2HcBiU93SrMDzfKpiLsHc6IYv0cqDlF3o0ZR3p9EQ9CTLjP1_O3CR0Rel2UDryxGSt8J-wIponcUJsmgQEOpTHqLufNGEywEQQqR0I9LvDYvo2PcRNM4cqwjg4RtlwUzGviTHH0NxamQOdvBS_W2XAZqQFlMqrnTlRWxITVRvO0f6WlV8Z0gS-bL25SPD7oDXspwF_BANg6zA-SFcTyAeBwmzc075ny3wAaoCQR0XlRVPVzk5rln1rcox9R7xX2WfTwvu0BEZhjQYJNPuJ2cxf73EfyGPfV3oAVvLcsoRwyPnhHyX_-k0giUCL0Lhfvxaao0HyeAI6LP_v658dNgbArneUyfQTHfih21e-N7QLclQKbWNEKvCXxU6qssHV8UoNjI2x3LPqqTXkFZCmMo5gvz5Pt0e3xfksxwveixZgss3oAgNSYU29cpXdK_o8PPqtQN1lOmeyEZQyZyOdOfdqUkafp6oFaqplusfk-CIPtv0Spzk4FmvK9KTeWKSgI2DF1Yjn7Ux_A5AZvMVePPk7BmUrL-LUPKFZvvqt3a51hIYHzYZ_aD0E43a8JD4EJwObK-tsCBVNN5vy1q8q3DRGmewle-m5ms6R4KvCCZXXlPQz1sI4VQMN4oe-YbbFoRKplM8sh75B8haxR20wg5qNhJDPBNYIaqnJWX3vrZImtMbxw&cid=CAASBORoNR8&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:25:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame ABB2
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BynCEmGV-hCUg7O0qqzbsVoFYaUh_b8K58WQ7jhg3kQ-2rQoQHCJ5ALPXF9A-q603wR7cu4ofG9cm0cdt6Ckqsj7qX4e-gvgpL2nhgseXpFPbN9ZaLclDX0qUVBFSQEe0NSXKoamBxGl1FPFVsPCJTNMv7a3GFjRJ_Lm4dFOg7Yomfv34&dbm_d=AKAmf-B5JUkJEhY_oSxlM4KUlrTlsRn-RBGGp5Kbj2m95wgcGnWPKQ493mV0XZqzV-gA-ny-QLCQIX_AFEgZSK3SKiA5Qz-GUY1VCStD242i9SATEH-Pi6zJcTQKJtalXAaPTkOB0bv65EnFnVDXeU5B0i8Q19qS4uKr0hbAu9VNa1ahqBOw8mz0YtfsP1dKkEAHouVBJIKHfkHKjpSuB-RPU7a2_O4b4gGEQ6RLo1XNXFd_EQqmcZDaJsjo1LDjkL843-fS9xmtN_syr7ge1burZISNEWsTwYamUfyEITpg5RrofGZF7hRbVLgz0j6EO73oknT9aoPbderssOGnRE36PpJULP-LKlwWtJvqyD4vKIA5sNtoB7DUGqsiPmmiEZ6Iv3iFrfWYwz6XXwHQH96moHKnoEXhQVOo1zexPhBfjnM-EoI_SyK3NZPZ1gThJ9LE8tJ6gyVypRGU0IbubHpSkccPRKsOOGhFIXxhVAqNRcci7JeZqommOGQfg3LGkUukIaUkOoTz5SxIawXGDhyOSei7BEzj3yRRGo4t1JlRVuzEL5TYjwYItgKVk9VBZT1MAFh4whUvsvygOk1jALi8vHvucuwD4JV_uPmI-ptQm4iLVqm_y6qGtwqd7iFlOAdTzHOiQDkLMAIZterpPoFBx_pmNMFNJ3nmtNmvbWfzbT6qY8Jak1ycTTPdvU1SGYkHsMgeS6dAPcvUoYmJCrRnJdDBOit0PeaPOXsQnZkn8lwV22fPe6Nw68YidpvoyXxw_nfLAxnuXlPNO-z9XDcRXV2nU8dYO1MW9G3t4HfzE8YwDXUTgk_CdLvUhBlzm9Uy9b7Cmh5WxpQpSMRAMAL72RlwX1iH_hPDhu3pj4f-ZGOS2Zd2w2zzzk81Rpmt5IzgjPPbxdmR2Yyz7adAYXDj2Rb11aBSbf2s9nHDJUpMqodl_NTeyp8aRXkV47-oOn0AIy4YxqQPHOdyUaYldfohzWOoFbpcf4GwF7e7tEPByEAvUqtTPQMSXBu6-R17wZP8eZ_B12aPBqbOkLh1rduGJhEZWWPdCYaJxKe-UqZlXuYLFZHZVhaNgeFCpFnCRPGEaKOaARepit9nvGZuOtzY-jsuxhv0WQZEWWHOI7HtZ6LWNS67ke6RsRogIUR7CUjOeeEKC155zcE48sT1AkqCw98TX0AWlAYz-Fp76LkCsrhaI_otrUCkJ9RrlV3EF-1A2VOuf3xC2N0VUc6Pt-ajaGtHUsCPBoX3LigD_Uv9Bpy0u-6JsDZlxSDSTVNPJxnuvcwxHFW5Y85eRjuR2g5eVqOZT6ui1fYcDqERkXNAyn8yd-mUiwMt5RCyX2zneHaa1lzsHyjLfqkOTn-5lVbxPiFPL9XTRhAmfCy5Di1czKcHyegH5vO8y3fvf2TGHOJBSnHJ0CONIIECaZhiu5TJ3YufJfGs0fxcCVDr9cLW91dQ_FbFZxySJ_NBaGl8sxq1SeOy6xISBG-heYE_8xVuPVr1ZALcV1cwSMIWqGNFMFF9W-nNEQimVgpjj0pfHUKLpB78YtUAz5cMUnBC2nfSdURJ-lUB81lumWr11LF4CxMEX9dthvdDu2S3ZrNVraf2fi0HXdXWb23iH8WeovwgnO7F1hee5DUPRIAwNofvEGK0tSGlw7917xk0wPjprv6JXfsraj0iffwXkVdYvWu00iGkr8llwENXhIuNCHlVtxtgomaSiarpHZyel3p6QV-3ykg6nWmFHmy-EOb0kaC_2ZM6Do_064Gfrd_9lan7GC-m1ZFcw5mOCv4dXkfoKl8Urhh-tP8qoYZmSa6ybwfFFpQzNW7oXBgxmiSYKDgsh6Zu-34ZLZsmMB9hPEWMaIu4hW_mvZ0Qlhs2QdLR-S_64IyJ0NSOmQHOfEZmcoBuTNfegyJl6q2AmAtAUnFFl9UD8dFuSM37xsfBUxJss1EA98RV0Wz5ROWSk0WTYkVX3HeNE41RGeFUQltd1N7i42aAKaNFJLiLIL2wmXkWALWyv-TYrUyUw2Vil7KxKQydvgWcI1SwPp8eP673zSW6rSXQfeqeBHP2PGRKRkpZ2FFaTpKN9YqukMzPYksu0v3nvbHExHCRmnxTVgWQjiY9ZFAuJVBZmuYEKrUPfTL3qyzW-n8mLOn8C282SYTCHZZAeyYO650Kent5mW_0mIVw2psDRs8TJXhTuYlqln4Tz6sMB0RwIDuFMlgCOsA5ZXt5h7ij-lu9UuTr2Asx10QHIqMPb4zMDHlgZgUGJwVYER_uPnWaj77efoEYxbq4-yLqZ1zkZnDlX5zoXNjRPwB5P10CbBmuRbOPQiCDbT2DkMDyS7RS7mAtRGt0XXO-a_VF8xXzL3n2HcBiU93SrMDzfKpiLsHc6IYv0cqDlF3o0ZR3p9EQ9CTLjP1_O3CR0Rel2UDryxGSt8J-wIponcUJsmgQEOpTHqLufNGEywEQQqR0I9LvDYvo2PcRNM4cqwjg4RtlwUzGviTHH0NxamQOdvBS_W2XAZqQFlMqrnTlRWxITVRvO0f6WlV8Z0gS-bL25SPD7oDXspwF_BANg6zA-SFcTyAeBwmzc075ny3wAaoCQR0XlRVPVzk5rln1rcox9R7xX2WfTwvu0BEZhjQYJNPuJ2cxf73EfyGPfV3oAVvLcsoRwyPnhHyX_-k0giUCL0Lhfvxaao0HyeAI6LP_v658dNgbArneUyfQTHfih21e-N7QLclQKbWNEKvCXxU6qssHV8UoNjI2x3LPqqTXkFZCmMo5gvz5Pt0e3xfksxwveixZgss3oAgNSYU29cpXdK_o8PPqtQN1lOmeyEZQyZyOdOfdqUkafp6oFaqplusfk-CIPtv0Spzk4FmvK9KTeWKSgI2DF1Yjn7Ux_A5AZvMVePPk7BmUrL-LUPKFZvvqt3a51hIYHzYZ_aD0E43a8JD4EJwObK-tsCBVNN5vy1q8q3DRGmewle-m5ms6R4KvCCZXXlPQz1sI4VQMN4oe-YbbFoRKplM8sh75B8haxR20wg5qNhJDPBNYIaqnJWX3vrZImtMbxw&cid=CAASBORoNR8&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 15:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
35451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 15:55:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ABB2
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYADkpvQZq1XlSliIORFh1tlDLASlDyHQI9Y6J_S31X9nkJDbl8XLX36RWonKBVZixTm669mGtmF26OscG9BN-RruVZIVhTMFmaZTjRKfPakbdsXLVhdSZEeEYug70RVWnJ1alTdzHKm2wXVs0uIjipRcItO_bYd1_n5fy1pxiRV5HuO6u3XtrEhZmisVrYpmR4QF8XW0grSoqr1aCCAQenDYKFVWhkDOe-XdZYz-1pL2Z6hfSzqTEBSWK6eEByDlj4CY89MhzOVj_oaebbwOTK1GFgLZNeFs46Fv9MAdEaDekDvmA_UDhzkAkP8LcLRsEA4MRWpdiOb5rc5CB4DlTgHIQo64Gj-lQ1Oq1TqSybuzC_uZiq5aLcEVLrHrTa2_V0cq9_0r28QhC8Zv_zOmhACY5N2roTxUf6ltUQpAm71FzeGRdMNrlb8bitqrYxhTtCw6FV6RAIyg6RYOqpcBPVeffT1WhBlLn5TU95dVRypPqhKPTKJIvGvVJmzyTw1gG7akljBfD3oUV3KxoP0ZReaZbbN5YMTflavGNPe4REIpO_Fkn0emZ6OeCmN9XHOfGUcymuFX_7HiSHRPAMNjZoX0zg53lxfWZ6re9bNSZ9zEci4YlE1PeM1gInXLhKnpZ721S60G6lbyDML7ruvFENRB2R72Ta0DtbaeGi8c1wVTRioz-pwCAx6d9nMT4PqahHmbAnk1SIubgigF_AgblLvsFwcwpLrOlZdqlP9DY9jXIvKoyVLAVrD7lJDCvQNdFdUSkPuXDKZqVt0sq-QQg3wbP8LlUlF4y3mqCwwitrlm5LdSfWRc-IuarooLfz1oK59oZVzG1Pxcw9Xpg9oUTunJXvk2nRYfsWb_iFQ-iBFW8FPHpWW5ZpY-PIj3rYupw-Q-m_so0qI9HJ8GeyKYpGArEMD5D0w2KJ8n87GYvVlXm5x1TklRrAui4TISseKFroOhXa81ypD3-P_zNjHJE95j24RegpB-fMa844DBoFR6fw0c42xeNCLQXij0BbrxyoPj6_v7o2frM_9PKpbYKAdCqypyIeGdb3v2VnXws--_3itwCF-W-78XfYYXfYVqgGA_9a_zqJdKTK_2W-4MEOrV1MqXUXkcJOYo8jQANlK8KcHUnqbP4JXUxQ0Lkz9z_yavaEUdGyvGC1C_TTAXlHtgHw6yVBWyi-CwT5kheFpmpFaJEEx2Jfw&sai=AMfl-YTW5_bRUMPFW4Ho-lI-HtTWp5TXzYpLAH9lmcB5C_CndTB9ntS0BznUI2Vc1lbfIunLz3LpwQy7r73kYVSc_j00poXha21KP_3z9VW1ZKAf7pqAEZzrtdckoSGiDbXPuKkK853mpQ&sig=Cg0ArKJSzKxdTvdYWJPEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=2&dett=2&cstd=0&cisv=r20221020.15014&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BynCEmGV-hCUg7O0qqzbsVoFYaUh_b8K58WQ7jhg3kQ-2rQoQHCJ5ALPXF9A-q603wR7cu4ofG9cm0cdt6Ckqsj7qX4e-gvgpL2nhgseXpFPbN9ZaLclDX0qUVBFSQEe0NSXKoamBxGl1FPFVsPCJTNMv7a3GFjRJ_Lm4dFOg7Yomfv34&dbm_d=AKAmf-B5JUkJEhY_oSxlM4KUlrTlsRn-RBGGp5Kbj2m95wgcGnWPKQ493mV0XZqzV-gA-ny-QLCQIX_AFEgZSK3SKiA5Qz-GUY1VCStD242i9SATEH-Pi6zJcTQKJtalXAaPTkOB0bv65EnFnVDXeU5B0i8Q19qS4uKr0hbAu9VNa1ahqBOw8mz0YtfsP1dKkEAHouVBJIKHfkHKjpSuB-RPU7a2_O4b4gGEQ6RLo1XNXFd_EQqmcZDaJsjo1LDjkL843-fS9xmtN_syr7ge1burZISNEWsTwYamUfyEITpg5RrofGZF7hRbVLgz0j6EO73oknT9aoPbderssOGnRE36PpJULP-LKlwWtJvqyD4vKIA5sNtoB7DUGqsiPmmiEZ6Iv3iFrfWYwz6XXwHQH96moHKnoEXhQVOo1zexPhBfjnM-EoI_SyK3NZPZ1gThJ9LE8tJ6gyVypRGU0IbubHpSkccPRKsOOGhFIXxhVAqNRcci7JeZqommOGQfg3LGkUukIaUkOoTz5SxIawXGDhyOSei7BEzj3yRRGo4t1JlRVuzEL5TYjwYItgKVk9VBZT1MAFh4whUvsvygOk1jALi8vHvucuwD4JV_uPmI-ptQm4iLVqm_y6qGtwqd7iFlOAdTzHOiQDkLMAIZterpPoFBx_pmNMFNJ3nmtNmvbWfzbT6qY8Jak1ycTTPdvU1SGYkHsMgeS6dAPcvUoYmJCrRnJdDBOit0PeaPOXsQnZkn8lwV22fPe6Nw68YidpvoyXxw_nfLAxnuXlPNO-z9XDcRXV2nU8dYO1MW9G3t4HfzE8YwDXUTgk_CdLvUhBlzm9Uy9b7Cmh5WxpQpSMRAMAL72RlwX1iH_hPDhu3pj4f-ZGOS2Zd2w2zzzk81Rpmt5IzgjPPbxdmR2Yyz7adAYXDj2Rb11aBSbf2s9nHDJUpMqodl_NTeyp8aRXkV47-oOn0AIy4YxqQPHOdyUaYldfohzWOoFbpcf4GwF7e7tEPByEAvUqtTPQMSXBu6-R17wZP8eZ_B12aPBqbOkLh1rduGJhEZWWPdCYaJxKe-UqZlXuYLFZHZVhaNgeFCpFnCRPGEaKOaARepit9nvGZuOtzY-jsuxhv0WQZEWWHOI7HtZ6LWNS67ke6RsRogIUR7CUjOeeEKC155zcE48sT1AkqCw98TX0AWlAYz-Fp76LkCsrhaI_otrUCkJ9RrlV3EF-1A2VOuf3xC2N0VUc6Pt-ajaGtHUsCPBoX3LigD_Uv9Bpy0u-6JsDZlxSDSTVNPJxnuvcwxHFW5Y85eRjuR2g5eVqOZT6ui1fYcDqERkXNAyn8yd-mUiwMt5RCyX2zneHaa1lzsHyjLfqkOTn-5lVbxPiFPL9XTRhAmfCy5Di1czKcHyegH5vO8y3fvf2TGHOJBSnHJ0CONIIECaZhiu5TJ3YufJfGs0fxcCVDr9cLW91dQ_FbFZxySJ_NBaGl8sxq1SeOy6xISBG-heYE_8xVuPVr1ZALcV1cwSMIWqGNFMFF9W-nNEQimVgpjj0pfHUKLpB78YtUAz5cMUnBC2nfSdURJ-lUB81lumWr11LF4CxMEX9dthvdDu2S3ZrNVraf2fi0HXdXWb23iH8WeovwgnO7F1hee5DUPRIAwNofvEGK0tSGlw7917xk0wPjprv6JXfsraj0iffwXkVdYvWu00iGkr8llwENXhIuNCHlVtxtgomaSiarpHZyel3p6QV-3ykg6nWmFHmy-EOb0kaC_2ZM6Do_064Gfrd_9lan7GC-m1ZFcw5mOCv4dXkfoKl8Urhh-tP8qoYZmSa6ybwfFFpQzNW7oXBgxmiSYKDgsh6Zu-34ZLZsmMB9hPEWMaIu4hW_mvZ0Qlhs2QdLR-S_64IyJ0NSOmQHOfEZmcoBuTNfegyJl6q2AmAtAUnFFl9UD8dFuSM37xsfBUxJss1EA98RV0Wz5ROWSk0WTYkVX3HeNE41RGeFUQltd1N7i42aAKaNFJLiLIL2wmXkWALWyv-TYrUyUw2Vil7KxKQydvgWcI1SwPp8eP673zSW6rSXQfeqeBHP2PGRKRkpZ2FFaTpKN9YqukMzPYksu0v3nvbHExHCRmnxTVgWQjiY9ZFAuJVBZmuYEKrUPfTL3qyzW-n8mLOn8C282SYTCHZZAeyYO650Kent5mW_0mIVw2psDRs8TJXhTuYlqln4Tz6sMB0RwIDuFMlgCOsA5ZXt5h7ij-lu9UuTr2Asx10QHIqMPb4zMDHlgZgUGJwVYER_uPnWaj77efoEYxbq4-yLqZ1zkZnDlX5zoXNjRPwB5P10CbBmuRbOPQiCDbT2DkMDyS7RS7mAtRGt0XXO-a_VF8xXzL3n2HcBiU93SrMDzfKpiLsHc6IYv0cqDlF3o0ZR3p9EQ9CTLjP1_O3CR0Rel2UDryxGSt8J-wIponcUJsmgQEOpTHqLufNGEywEQQqR0I9LvDYvo2PcRNM4cqwjg4RtlwUzGviTHH0NxamQOdvBS_W2XAZqQFlMqrnTlRWxITVRvO0f6WlV8Z0gS-bL25SPD7oDXspwF_BANg6zA-SFcTyAeBwmzc075ny3wAaoCQR0XlRVPVzk5rln1rcox9R7xX2WfTwvu0BEZhjQYJNPuJ2cxf73EfyGPfV3oAVvLcsoRwyPnhHyX_-k0giUCL0Lhfvxaao0HyeAI6LP_v658dNgbArneUyfQTHfih21e-N7QLclQKbWNEKvCXxU6qssHV8UoNjI2x3LPqqTXkFZCmMo5gvz5Pt0e3xfksxwveixZgss3oAgNSYU29cpXdK_o8PPqtQN1lOmeyEZQyZyOdOfdqUkafp6oFaqplusfk-CIPtv0Spzk4FmvK9KTeWKSgI2DF1Yjn7Ux_A5AZvMVePPk7BmUrL-LUPKFZvvqt3a51hIYHzYZ_aD0E43a8JD4EJwObK-tsCBVNN5vy1q8q3DRGmewle-m5ms6R4KvCCZXXlPQz1sI4VQMN4oe-YbbFoRKplM8sh75B8haxR20wg5qNhJDPBNYIaqnJWX3vrZImtMbxw&cid=CAASBORoNR8&rfl=2%2Chttps%253A%252F%252Fqa.elbwaba.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 01:46:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ Frame ABB2
43 B
296 B
Image
General
Full URL
https://t.myvisualiq.net/impression_pixel?r=3414454719&et=i&ago=212&ao=693&aca=28048435&si=6324608&ci=173973563&pi=340359208&ad=532399294&advt=8122568&chnl=-7&vndr=115&sz=10092&u=$$23997664_18662051218_432965029$$&viq_did=&pt=i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666748809&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809381&bpp=1&bdt=542&idt=220&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NsyThCmc2S&p=https%3A//qa.elbwaba.com&dtd=223
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.26.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-26-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 Oct 2022 01:46:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
truncated
/ Frame DE4C
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4557d7df65bd8a955ab67723ea6ef4f7496aadde35a565b9069481bcc2ca0153

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.it/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.it/adsid/integrator.js?domain=qa.elbwaba.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=qa.elbwaba.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/ Frame BDD7
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
33502
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 16:28:28 GMT
etag
9671129459699598864
expires
Tue, 08 Nov 2022 16:28:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
84c8dfa227218a7b436003265dc6c69e.js
www.gstatic.com/mysidia/ Frame BDD7
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4170
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 17:30:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 17:49:09 GMT
40f44225e0a1c31e628c89e0882e5f2b.js
www.gstatic.com/mysidia/ Frame BDD7
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4273
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 17:30:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 02:15:15 GMT
css
fonts.googleapis.com/ Frame BDD7
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 01:37:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 01:46:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame BDD7
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:31:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame BDD7
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 07:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
64831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9257
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 07:46:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame BDD7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 20:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
19847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:16:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame BDD7
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BDD7
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:46:50 GMT
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame BDD7
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13940
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 17:30:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 00:51:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DE4C
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
118918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DE4C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options
nosniff
age
16972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 21:03:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BDD7
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CN_9qiZFYY4TzKN2nx_AP1KSs-AOX8tGQbPX05_SvDrmGvd-XKRABIJSpqIQBYP2CkYToEaABm92D3gPIAQGpAu4g6tUeD4w-qAMByAPLBKoE-QFP0IVSv7U0zwYb-TrrZ_N6spDpiks7ngm7vSWdLuSN-zREegdy8cnWUpDYL4RuHcFdgcK1D9ZD3CsdGM6N4N8x2iaDEF0nLE-K4fPwhf-3aeEzteBk7hzm0R6eDgFpalpZcPpmw-MmiTqqzuZDQj46T1FVucMUjA0HAmJplbqyHnNZL7E4ESPf3lDCfVwMurXkPgaxBQDRrOUpLT2dwTynsGaf0LNhv4iLE4P2GV6v01u0idonqBWvQanG0s98p83lrtuR69MKbrH7e-l5BR1maYGqCRM2GOXDJofBDkPqsTvXW7obgoGHpM-3wJS9DhJVykQOSUPT2djABPO3kPnaA5IFBAgEGAGSBQQIBRgEgAfNovwhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuNYI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwKIFALQFQGAFwGyFxwKGggAEhRwdWItMTEyNDI2MzYxMzIyMjY0MBgA&sigh=r6xQe8faTU4&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 01:46:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 12BF
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
1888
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:15:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BDD7
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d521fa39ee66ae4d3cb0685a2109e6c1e69ce3f2bd15cb6855242eca12b59105

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
runtime_9_23.min.js
cdn.clinch.co/a_js/dispad/ Frame 4736
125 KB
36 KB
Script
General
Full URL
https://cdn.clinch.co/a_js/dispad/runtime_9_23.min.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31e9224386ee43fc0e1efa90cf82a54b3ffd7a96b09da78ec101d1d645cc4e0d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
Content-Encoding
gzip
x-amz-request-id
TQHDNG8VDCZ5Q86F
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
36058
x-amz-id-2
+FMcjWx2M/BSfQ+/CVFIYhK2SX9MQowEGnG5hCNaZCcA3PZjIULb8XiL2qr7/EZ6jZ41a7G7+gc=
Last-Modified
Thu, 22 Sep 2022 10:17:00 GMT
Server
AmazonS3
ETag
"26d56ace53d875e7424ade21bbbb1207"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=28636528
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Fri, 22 Sep 2023 12:22:18 GMT
728ax90_v9_u-1775346683_es.js
cdn.clinch.co/a_styles/2523/js/ Frame 4736
38 KB
25 KB
Script
General
Full URL
https://cdn.clinch.co/a_styles/2523/js/728ax90_v9_u-1775346683_es.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad8f20d6a1e41e6ad324068c2807b4d2472507e17c1144eac1b38387a011ebdd

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
Content-Encoding
gzip
x-amz-request-id
0KEVSRRDEM49C8Y2
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
24954
x-amz-id-2
BWhpm1YThwcsQQctwqmEEKW3VC9ShLCAFLF93ejvvVyf/3DSAoo8RBDVw3NLWjmgw9IqtqNWp+I=
Last-Modified
Fri, 28 Jan 2022 12:21:51 GMT
Server
AmazonS3
ETag
"ee789812554c8a5ee67323a3927f3dea"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=30707605
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Mon, 16 Oct 2023 11:40:15 GMT
runtime_9_23.min.js
cdn.clinch.co/a_js/dispad/ Frame D264
125 KB
36 KB
Script
General
Full URL
https://cdn.clinch.co/a_js/dispad/runtime_9_23.min.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31e9224386ee43fc0e1efa90cf82a54b3ffd7a96b09da78ec101d1d645cc4e0d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
Content-Encoding
gzip
x-amz-request-id
TQHDNG8VDCZ5Q86F
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
36058
x-amz-id-2
+FMcjWx2M/BSfQ+/CVFIYhK2SX9MQowEGnG5hCNaZCcA3PZjIULb8XiL2qr7/EZ6jZ41a7G7+gc=
Last-Modified
Thu, 22 Sep 2022 10:17:00 GMT
Server
AmazonS3
ETag
"26d56ace53d875e7424ade21bbbb1207"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=28636528
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Fri, 22 Sep 2023 12:22:18 GMT
300ax600_v9_u-1230371026_es.js
cdn.clinch.co/a_styles/2523/js/ Frame D264
38 KB
25 KB
Script
General
Full URL
https://cdn.clinch.co/a_styles/2523/js/300ax600_v9_u-1230371026_es.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7abf8b0e1b42ac6258c8cb23aa5ba1d5f7381f76b742df99740c6838832e396

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
Content-Encoding
gzip
x-amz-request-id
JMRVMYFVKCSZTGNW
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
24772
x-amz-id-2
Vz+/j3Sx+Na2dkst68SZEoMgzQdqzrxUuIiVzMorpBsNgaVDxQUOaLev6xQ8fHnreTw+w8ajIg8=
Last-Modified
Fri, 18 Feb 2022 12:32:14 GMT
Server
AmazonS3
ETag
"cf3fbdabfba34ab7d61d96efc46e136a"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=22531963
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 Jul 2023 20:39:33 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame FF1D
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666748809&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F56%2Fcrypto-loans-without-collateral-2023%3Fshow%3D57&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666748809378&bpp=3&bdt=539&idt=206&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7752879546787&frm=20&pv=1&ga_vid=1152264564.1666748809&ga_sid=1666748810&ga_hid=1384018347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C44774649%2C42531706%2C44767167%2C44774653%2C44775016%2C44777176%2C21066432&oid=2&pvsid=2219754121119867&tmod=144685063&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=b76TcW2fvt&p=https%3A//qa.elbwaba.com&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 21:07:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 12BF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:50 GMT
expires
Wed, 26 Oct 2022 01:46:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 522E
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 21:07:28 GMT
truncated
/ Frame D264
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35cafb0fe0c776b839b90fc6e2f49643c7cbe08021909281bfd2816dfb441629

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ Frame D264
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d26691bd967b89574a1b86fe718c5e35c6a236d7c96971feb6826f4b73078be

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
img-cdn.clinch.co/img2/ugvn1W/300/600/3/0a0a0a0/ Frame D264
1 KB
2 KB
Image
General
Full URL
https://img-cdn.clinch.co/img2/ugvn1W/300/600/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_client_styles%2F23063%2FBrand_brandmainlogo63771460877346.png
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
clinch /
Resource Hash
ce17e2afc1df45e2af285626d1f3488f2a28c5b581ecc0f61682f83634ae7acd

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
Server
clinch
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=681800
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1426
Background_bg563771457398622.jpg
cdn.clinch.co/a_client_styles/21654/ Frame D264
1 KB
2 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/21654/Background_bg563771457398622.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef9c6d710d5ffcef3be008af76ea83a68d1d22b543c4de2be6dabdd4f53832c

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
RAQ0X6D1P31EKH84
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
1410
x-amz-id-2
wxXEtL4IM+Gwhk2K+nah1TNIHk1POWxaWoW+GrmsakMJH29Hz6TZRfFK05YPHifZd//PFf/mc/U=
Last-Modified
Tue, 02 Nov 2021 13:43:20 GMT
Server
AmazonS3
ETag
"86e4488f482c072fad28b7be4e1258d8"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=22531995
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 Jul 2023 20:40:05 GMT
63789242557632.jpg
cdn.clinch.co/a_client_styles/23063/ Frame D264
24 KB
25 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789242557632.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c41bbe6abef2f75f5ae16d2ecbd35a8999e1ffb3096fea56ff7139e073b083f7

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
RAQEPB28SV8Y6YFP
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
24916
x-amz-id-2
W7pcIqMsej1OO92k+32SThnUVQt291/HiQQjmBci/0EcysRDrDXh0+GA8CQS0gYW3rA6hxY6wU8=
Last-Modified
Fri, 27 May 2022 10:02:40 GMT
Server
AmazonS3
ETag
"50bee97f5814733bf793dd2abbab946e"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=22531995
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 Jul 2023 20:40:05 GMT
63789247010414.jpg
cdn.clinch.co/a_client_styles/23063/ Frame D264
19 KB
20 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789247010414.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4e07b671ffdcaeb84f255f1e4b8903c4e683bbbac680ff553f8f0d070f19ed6

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
RAQ15DZ1870TZZ4C
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
19349
x-amz-id-2
QuFkCZQQ3BFUICSH1FDSPDG28g0Jjg6KdIgSI2ZX7TCF+ftI2f2QVX2iSwJjve+b10a/JC6cX44=
Last-Modified
Fri, 27 May 2022 11:16:53 GMT
Server
AmazonS3
ETag
"46ebf9cfad290b173e4292ea19d9e1ba"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=22531995
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 Jul 2023 20:40:05 GMT
63789246367488.jpg
cdn.clinch.co/a_client_styles/23063/ Frame D264
19 KB
19 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789246367488.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15d1bc2defbdc72e47add048effa60c19d6d2d6fae90f041551882fc965f3ec7

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
RAQBVW426HBFJATD
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
19219
x-amz-id-2
6STx/t0nAxbXwMfvW8jyGZBPScb8EQMu8UxlwaHGvsvbS3y5epvsiEHTZ+jROeWxoNNo1L+mre0=
Last-Modified
Fri, 27 May 2022 11:06:09 GMT
Server
AmazonS3
ETag
"b5f0163c42aace75d83013bbbfe3d7df"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=22531995
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 Jul 2023 20:40:05 GMT
63789242524484.jpg
cdn.clinch.co/a_client_styles/23063/ Frame D264
19 KB
19 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789242524484.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdc3f56d40387b4811bdbbfee5da858822dd1a79eed94337ec0e1ae0048fa01f

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
TD11KMV34JD1VA78
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
19098
x-amz-id-2
bPCJw1ORgE7Dd0U1LNaZslH8zZpDNmYm9f97aLhoLENUdJyHYT3GAZEajkjali91y98knPfPnho=
Last-Modified
Fri, 27 May 2022 10:02:06 GMT
Server
AmazonS3
ETag
"af2dbade4db367c491a6d94100e9f7af"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=26162143
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 24 Aug 2023 21:02:33 GMT
imp
trk.clinch.co/ Frame D264
43 B
218 B
Image
General
Full URL
https://trk.clinch.co/imp?cid=ugvn1W&caid=19233&caversid=10930&frmt=300a600&csid=26155&dsp=cm360_p1&plcid=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&iid=f05d354f-95c6-4127-b68e-a65b844ae9a8&env=web&fcpath=lJICCJITAZIVApIZwA&prd=Ecommerce&ids=AlfaRomeo_Italy_Fleet%26Business_Prospect_Backup&isrc=topItems&issrc=Fleet&Business_-_Prospect&feed=2327&tilid=7753&lpsrc=DSP&locsrc=Ip2LocDb&locsrcs=3533550333&dspiid=rnd-3414454719&dsp_caid=18662051218&dsp_grid=28048435&dsp_ad_id=532399294&dsp_pub_id=DV360&domain=6324608&dsp_plc_id=340359208&dsp_insertion_order_id=23997664&dsp_crid=173973563&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c1=8122568&dsp_dma=0&ct=IT&city=7980&st=CO&stName=Como&zip=20153&isp=m247%20europe%20srl&contype=2&tc=1,0000000000,00,,&a=1666748810767
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_300ax600a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuiyiTiSJT9ZrtkgmqPe-99t1Civ4RSnU7slB8ZX5mYdcgMc_nm3WvytB_W7fc7olze-3Sb9tvfTsRCvukFr2QQTfv_5hBpPF3eX8thOyMju2JIWVWIsUZm-pjfnFPeO1VGTQcBiq4ZGquZzuEf-X5jKV7Jx9JY6YEeK_o3dJH299tGCfwJ5qrhbUEfZXGV27PsrecCCJa4LomCd7T562kKQCLfTbXpbxOfZbMohHgqInBZlI6ZHdCbzB4BmiaGUiu8jEjdcHT3jx-_SJ3rv9Ut_uFTk5mi1-uJy0s3HJsnMeJhCzlpKUP_O8sILCpHxdEMIHZvqbycaS9SoU-8rKoJwLPvT7QMK7b0QFXQOotK3yw0iN0u3HqhTRlDs7IragHtwlts8UEALRvLIV0YrcDYy46o7dXI5c4A_XL27sUp86sYQi8Sm_FyScFZtgWxnkir2Ju71kcd-wSqoG2qqxvvwE_v1LcnNg-Dq__UH2J-avAs7hKCWt3sapKA6RYGHNS7WlRVjvSteKA63wmK7ckE86mGTqcXUzlpDXsWorxyJlWWJKRU2RJRc3xlgi6lvhFB8-wtyD2PdjLVfTiiMFLwOYR7-71_TLVA_ypsPnmgEfJUbaVzidByarnGeZKLPvv9D7Q1zQexoZcTft57QaE1pQhbBJF35gdt3ZJ8YLFrRpajodmcle0FpR_c-iX_MNXnKTmO3W5I3TRf_wzuIGwRbiviNCewrHxkK_G2jxQmzu9KkOwo1yvLcH0TVDsayOB1cf75NNVaa4d7VopfDpSKfdNUsjsDRCNQLvNsUdPfFBgC6ggCJT7dQbMd-uiImculrJdlOl1KcEHfzNRco4ghC5JpG_FzVIvQv7j_jY8bfaqIFbK9Z3g8h7JHDkasxnPhmTuySdx7UTcqFv0Z0wKctT0bU0-9ahKNE2muiWZubXY6tdPWOEaVKGbmQz5vLxpwpRQ1LVGsA9rhcRG4KwH69FTCnnZCyufV-6kfBwo2ERYvujecE899YxagTu0_PalqWSs-WLfl-6e79Re8i8dQpMXt233q1PbaZoc5BaM5q1kCATMxEN-cNreVTzGYAMimWN8E6vMrsp_YeWfREsIKr5unISO04EPS38uzSDgZhaeikRrSRb26BJEyOF2z8im5P4M28c4XHlBlrazOverDFBTqblNQTwscCUFSpIcGMrSr50-OOz-QNLh-awT5EMGr6KR3ngM%26sai%3DAMfl-YRR71ZRxDEs-cYfSDNeNKLdp8UMP7T8q3DN7uVbmZD-LAQBDL_wGl504doZSY8vyaSMpY-NKyge7uHmWT44yxNLWShwlRC5FE9smbawOZk_SvjKqQOzIit5KTfj9cw_Ln2a2NDLLInBfoZTj3Yz%26sig%3DCg0ArKJSzLcq6__6XyYREAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973563%26pi%3D340359208%26ad%3D532399294%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662051218_432965029%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvke1c971dea5d252757434%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D300X600_340359208%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662051218_432965029$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359208&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399294&dsp_caid=18662051218&dsp_grid=28048435&dsp_crid=173973563&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=3414454719&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.229.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-229-144.compute-1.amazonaws.com
Software
clinch /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 26 Oct 2022 01:46:51 GMT
cache-control
no-store
server
clinch
x-robots-tag
none
content-length
43
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
truncated
/ Frame 4736
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72d71ab2fb803b282ace657ff8d640f3ddf4f03f8a30d29e5cf54b0041dbc167

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ Frame 4736
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
161bdc6663b0b27b455a45be342681314b6dced363e4f1b94a4359730fe12e5e

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
img-cdn.clinch.co/img2/ugvn1W/728/90/3/0a0a0a0/ Frame 4736
1 KB
1 KB
Image
General
Full URL
https://img-cdn.clinch.co/img2/ugvn1W/728/90/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_client_styles%2F23063%2FBrand_brandmainlogo63771460888646.png
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
clinch /
Resource Hash
93c811f52cf6b70b0740700ac6b416abeea3c169cff227242725a83eb0a224f3

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
Server
clinch
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=660439
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1156
Background_bg563771457437857.jpg
cdn.clinch.co/a_client_styles/21654/ Frame 4736
751 B
1 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/21654/Background_bg563771457437857.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38a743f65d5682341f69c68de47c226eee291cdc3d8d582da1ad9aaee049038d

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
TGXX4YN2HF6B7Q9N
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
751
x-amz-id-2
Kyt19NVtcihcwtKAhsaFt9vk2rqcU7VC6xq0J0SyEhowN2tOEPpwIpDurWplwZzA/3K/3Aw80vg=
Last-Modified
Tue, 02 Nov 2021 13:43:59 GMT
Server
AmazonS3
ETag
"0a392043fa384c2c412c62360681956a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=22440807
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 12 Jul 2023 19:20:17 GMT
63789245945284.jpg
cdn.clinch.co/a_client_styles/23063/ Frame 4736
12 KB
12 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789245945284.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cae2d63844e8a31942eb6913491400b30b2da355201d94c8a2c3757f966fd265

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
FRJQSM6MFC9QCCXY
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
12155
x-amz-id-2
bBcZeBujERZeoHgFWP2rfMeCHJZ3CBLOWxamOYGNvsF9i9MQfp83+fSmymnnbfiVc58ur5fQbZQ=
Last-Modified
Fri, 27 May 2022 10:59:07 GMT
Server
AmazonS3
ETag
"ceb4ccdf8ca8f2e83bcfece1c9cffdb5"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=25458812
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 16 Aug 2023 17:40:22 GMT
63789247028710.jpg
cdn.clinch.co/a_client_styles/23063/ Frame 4736
11 KB
11 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789247028710.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e64d4ce35d0f150f580fcd71f011e55f47e8b990d10bbf50d41d70ce2a3cefc

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
FRJPZ6KRS911NF16
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
10774
x-amz-id-2
2AZzs1xiKbpghugALS1URE40UocP5A+jqH/MH+b93jcRLFJKQ06AMxrw/2I8bcWc/j/+gwd9JJs=
Last-Modified
Fri, 27 May 2022 11:17:10 GMT
Server
AmazonS3
ETag
"f0bd4cdd9d354c46a6dea4ee635b12e0"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=25458806
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 16 Aug 2023 17:40:16 GMT
63789246390873.jpg
cdn.clinch.co/a_client_styles/23063/ Frame 4736
9 KB
10 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789246390873.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc3ff4c03850bd8a0ba7afc5391ae23a2d8004707e3936b330cedb47356d3682

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
FRJVYG01J061FP3B
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
9367
x-amz-id-2
6URsIGXZcCMPgZGEd2G3v688XdV6dL+N05H45mZTURYBX027GLSf6Vks9KgbX1K7CZ05VfXIgMo=
Last-Modified
Fri, 27 May 2022 11:06:33 GMT
Server
AmazonS3
ETag
"cb4332aaf8e126b1037ddde3d3cf777d"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=25458806
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 16 Aug 2023 17:40:16 GMT
63789245920678.jpg
cdn.clinch.co/a_client_styles/23063/ Frame 4736
10 KB
10 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/23063/63789245920678.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25d61c4a7d82b029484bf0dbc6d1e78b201a3ff791efe22d4e78b1a0f2c25252

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:46:50 GMT
x-amz-request-id
FRJZT3C8W26RQCA0
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
10052
x-amz-id-2
ST3plDze0pg6q1OREo2C1sgq3zysRNOC6RjkqmO33qx7wbl/A3lFxwwyvyNF7U3MtH/8pOhy3+E=
Last-Modified
Fri, 27 May 2022 10:58:42 GMT
Server
AmazonS3
ETag
"c55b9da028a7fe18164c34a38743bc2a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=25458874
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 16 Aug 2023 17:41:24 GMT
imp
trk.clinch.co/ Frame 4736
43 B
219 B
Image
General
Full URL
https://trk.clinch.co/imp?cid=ugvn1W&caid=19233&caversid=10930&frmt=728a90&csid=26155&dsp=cm360_p1&plcid=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&iid=0f9cbfa1-0e94-41ad-bee3-1a3060599bd0&env=web&fcpath=lJICCJITAZIVApIZwA&prd=Ecommerce&ids=AlfaRomeo_Italy_Fleet%26Business_Prospect_Backup&isrc=topItems&issrc=Fleet&Business_-_Prospect&feed=2327&tilid=7753&lpsrc=DSP&locsrc=Ip2LocDb&locsrcs=3533550333&dspiid=rnd-2761373626&dsp_caid=18662058859&dsp_grid=28048435&dsp_ad_id=532399291&dsp_pub_id=DV360&domain=6324608&dsp_plc_id=340359205&dsp_insertion_order_id=23997664&dsp_crid=173973557&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c1=8122568&dsp_dma=0&ct=IT&city=7980&st=CO&stName=Como&zip=20153&isp=m247%20europe%20srl&contype=2&tc=1,0000000000,00,,&a=1666748810781
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=19233&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstlJ1fJjNvJN8stKXr__t5O3s2p0ISEzPvsrPYbOi0sE6_uc4jNcImlkuYZuaKJjt6cy3LqfUS0JZ66qR6WYdlt7ZuJEPR0nfuQofW-zs7PJqprH1V9EsF-GLCoiTQYXPrS5egXr4cZnaVRNxuftqcw7WX9jYK95eTCsM6PohuZXQr4u-bG7Wxi0UZSOMh40d96cAyyl-jo_dJo_ftbqsV8cU-munK3DIKQ1ugu2jhrXc1XJDza7J92zUSRsPobmdrUkJUUPlhiRB54dZFoFwV1ZR2wH2udJVJLPUkz8NsRL1SBaa3g4CvNm5mhTHh9Uqhscpfc5RGUruP5i44cRh9ogKh-knMV6_VP1AKEbOnaVWquqyXyn2zU96hJaL2JmzC_hVDEMHgW4kmpZH4sOgdyiEaiJfwlhA1jN7Yx3sT6pJeZn6IONvQ9Mwd9Pu0f4oN-Unt2oq6kXkqu3NmryOhxNRavJsQD3LRZcAibYxSfbVBUtdaLV_WOzzADPoSxX-J80xG57c3fjoHMJCVsSv-AugUidv9DLeqPLqcUmw8NvDpBMinMh3UtgbH456KOqNJecP7hzBRXuXPF-0s8l6SPqhGVuX5lUZUkxXQjdDoaFiZRoSmrpjAGPUWf6Tr878bsa4uF0Oj8o5oQUv2KvG4J_zbA1jCfWxhGRQ_SCUu5iSmCnv_1Y98M3Cm1r7sl9I53t26VnqLyFm3ieTSgDtYkajFu3FjJxSAiwtPMnzNpf8Y7WiZXAh4gMStr6yXnX3czh5nKITEit1gMLWwQQ0359RwJ6Y90HJJYNNvYCSXC5PPntLbXk0z7qBJRIwKmIevcDLvXTU5tHViE7J_tsy88D1uABooIoml3D9eLA2Pa4kE-Sf0tX8nas1smlB-b9eGMZ2V_pX886GaP3dlOwe1zKvSAjHXDNxWwMuCJIjh3540zRqzYE7g2cdBWhEbfWMZPAJu1SLQpA5vJMwtYQPOFaUByQlHCiE_D1lwDPNgY1h1bmMGlpTwKSiM9nWWhJCmIp9ZFUIfe24HH0LNgWI7uVI7zuzBwrMGeY6Ufjc43L6tubafZk_47J1lROaLjmQuFnmw6zeBX0po7IWNg6m-1S89sN3tb7BDLDvx58TzqTgHksWXGAAp4klV1c3PFNILyIB5yAhAvGZv3eFo0iFX-1BauQJ-UfYVkFy_RaZOS4h5RztzVsnw%26sai%3DAMfl-YRe6B1rFxEaM5OlSdXReaiuI8mGoAFi-F0Run6C3dmVQJC7M7KAxn_PmzVwHWYiUzIlaKMlPp_7ZSB543hO2YJKHs5zpAkCy2pF7Zk6xI18Rx7xj_380140LfW5kqowKvhVHyY9kOrUhnaKii9u%26sig%3DCg0ArKJSzI3EbVpo7jSZEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=FleetAndBusiness_IT_Retargeting_DV360&plc=229839&dsp_lp=https%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28048435%26si%3D6324608%26ci%3D173973557%26pi%3D340359205%26ad%3D532399291%26sv1%3D%5Bkeyword_id%5D%26advt%3D8122568%26chnl%3D-7%26vndr%3D115%26sz%3D10091%26u%3D%24%2423997664_18662058859_432965319%24%24%26red%3Dhttps%3A%2F%2Fwww.alfaromeo.it%2Fofferte-business%2Fpromozione%2Ftonale-noleggio-chiaro%3Fvvk_uuid%3Dvvkdb678176ff6d7d6ab173%26source%3DDISPLAY%26model%3DRANGE%26campaignid%3DMC28048435_FLEET_Retargeting2022_2022-6-01_2022-12-31_RANGE_IT_9999_NONE%26advertiserid%3DDV360IT%26bannerid%3D728X90_340359205%26publisher%3DDV360IT%26dclid%3D%25edclid!%23Tonale&dsp_impression_id=&dsp_c0=$$23997664_18662058859_432965319$$&dsp_c3=&dsp_c2=&dsp_c1=8122568&dsp_pub_id=DV360&dsp_plc_id=340359205&site_id=6324608&dsp_insertion_order_id=23997664&dsp_ad_id=532399291&dsp_caid=18662058859&dsp_grid=28048435&dsp_crid=173973557&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=2761373626&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.229.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-229-144.compute-1.amazonaws.com
Software
clinch /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 26 Oct 2022 01:46:51 GMT
cache-control
no-store
server
clinch
x-robots-tag
none
content-length
43
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3df49d16ba080e021e0e1011dcece6cff8aaed665d2cea07a815fc01dde5c567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11089
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:46:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD4A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
11547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 22:34:24 GMT
expires
Wed, 25 Oct 2023 22:34:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1BA4
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a6ca20580b8e406d3d39dae73e6fca438b466a8dc2c8ebaf26362fbfe7866963
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jryB4BqzNNX-qKQTRqHyVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa.elbwaba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-jryB4BqzNNX-qKQTRqHyVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:46:51 GMT
expires
Wed, 26 Oct 2022 01:46:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame CD4A
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 21:07:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1BA4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=2219754121119867&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame CD4A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?4K0kHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:46:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DE4C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu2M8hPcUkIj-AcUAC6VxpXjcSlJWBYbeO3UvXvCCi8kI1ZBQApmGiUIXkb-ZnQXyAVP775h154sKRD0aMaPYnKqAEu_GsZIRMO6qAmWOgAXHTFEvw4IxzHgPEcYgFVUc263KzfqLtbwjBk-Lp9ax-QyA6uDAU6DmVhEZCYRekA-WpYr2rra5lR1Kx2EcMc6hPzDUS62SFf5C2O-34LTjF2VpKYXanlTDNtOEpD-3rhTwXSotGXtF5t6Zr-npQReKeBaYFCRVuleu5UXhfzpqDrWLUyjMyCzqRz7WMZnY9kpIsO3yQT-xLWBlCuj9xRxpSf4HU792ZyMBabdTxnZ9dpjNYKYqs9lflTIrnJL1JmvYB1PB3nM6fhkp1tlvzh0ugcd422tgYUaIi98avNM2_OMlAB6OrwDy9cCy0WJUOXkzT3mMP1oWW31om4WldOMryt67cRrXjY2s_YYz8wmpFzV3lgOsk5H_jxEOoHjM5dBOojivkwliZ6-3hFddqTmmomVDfz1s5i-M1o-NtkcH1obAlao-xFs5wf5TlZLE85waFQtoAGSzcM7Es2vTPyb4d-ybZLefAgZeGURcrhumkb8Pi_9OkGkDf0VDpqjusKW3i1xdPtyOCBe-JKCQfkK-Nskr0_1eqC4zpEiKoZPAniphFiRDS9djcO4Ry8Tu389wUSRAOqQQ2U19gkumodlvinxquqwcUX9Mp_HDwrYNyZxSZNVlubhmzTmhNFbRBzT2lVLjTJ4pe6TYy_CICVqvGLYYLaUu409svrPZINwZ6U5XD2T1VqSBbrcPulIEEHtU9s8GQ920Q4BYhnzqOCUpRxRgwwdvR7crfsd-7eQh2g5eWNJPf074L7t68UoASwj-lFj6lRHMpbzXe_nUc4pcx3uDidfMPmee1_rSktcLxfP6Fu8PnsVeUbHneane5-yHqldZ0r81gAjG4FFSGpt1zjR6HUoYkvDz8YX4tX7uP2oc7fvXp6lTZ0r8sQJoasPDQduEkCWlhWOwWiTKBKOgQxabFDksHti4oF80bx1HHTiBd4CngXEkhRx0kkZVD_Q&sai=AMfl-YTZu9cjaYxFUJU7par3199jwLmA3RvR0__y_Q-T2yx9_Ug3z1JBmzJCyTW6oxzSDruFv4GTBwYep1BJAZ99fZe2GB7lzc2SHJgU&sig=Cg0ArKJSzNMFcShC5kMvEAE&id=lidar2&mcvt=1001&p=0,0,90,748&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=909556274&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666748809592&rpt=986&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BDD7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZG0eJGeBPe-hvhU_9KeOcMhPO2dW_6p081nDQY3WiiqBDiynxujxKukch5ls3Wq_EXCbzDVh_z6AvhqFabkqlljzhnwZC8qAG8bTSaZBChL-yhF2M4DRgqzqxisvbV64H7Wlwug&sai=AMfl-YRqLxDSesIe7YSq1AStaXnMTwKyZ_8N3lChMn2SrVYchhHMiIKJbCJaMbETBGEe-20sPi5v4qbwMQCz_Tw&sig=Cg0ArKJSzJHFehThE08tEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=118,801,1000,1109,1179&tos=118,683,199,109,70&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666748810358&rpt=254&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:46:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=2219754121119867&bg=!jI-lj8vNAAaaxvStusY7ACkAdvg8Wk18A9yUBzdEDlzVH11pOWew7fi6bfv7BY0oLaFWhZt92By1jAIAAABPUgAAAARoAQcKAE7FVScDXl49suN42TQuBoJ8zBw1dd-wz-yrn0zeHhhaKiO1FLG-Q4u0Q4AoufHbEaRgzXAOKlj5SW5MnL54du2ZklSQjEAN6E4JJBKqF1GZArIZhLzUByET-d4TkZq9js7GcUovpZrNN0cYJSo5XUjFgH31ZaxzWD1zYNOZVed7kZ_SU0oULJERAqsosEwgb-XYCIL4AIb4xVgPUV46DuJBznGy3Ab05k_QfpbhVOu94KTTvi-fY5oHOQYnyKHmtwt414t02hDLr1kB_BXgbqV4R6Bzdeh8lmb-VHjS1Q6rEyaaqy00PGvPrQyH69BCO8dM68TY5-LjaZxfMxO7fcu0QupuOyEsk64LfvFG37CMeWIyhNPFP1HkX8qPKCHU3mR1Yaln-25P0qQMg3NL9eO4HQSP3-T5zKUu7VjzUbi7I_KXRRtZe5Xunkqf2VwKwoS4DxtRgi3LcLsQ7gYN5A9nsmCW8Zb7AjYZTQB4wGGAWnVqzYVG1WENAO5Z5oZzbdI19d220XCbJms3Em7GKY6XiXZMuSkQ1z1iZ3ATeL92orxZrNx0W_M_ndPpEewNerPO7WZUgbt56Y-qpmplB1k0ji8DU2vWTkF3UeXWiwJRsuAMeDsoYe0xnRAu-ufpmqblelmKxfALLbSBVc1xrQ2DRdZqtPVUpGDyxAV0-aC3PibO5Yper4eGAK7w7oMNkyOpwBLYXcdtd-OdNb586JSnJkhC3arhvP8KASJfqqQHF-4yzP4Wsnm4-Mw0kdmWD9jYljimSVBKJhtbLozPX30-L0iflvL9XhfFVOiYjClAFEKGVX0b3v0n3z3PUI1YYEtE68jUI6diSHoHCX8ghsZz_OfBB_CFJ-EDSPiHH94mmSNMdd9VO5NQ6kGgzsx3JSjGCiaOJYdY8Y9RZ5G2EdNMFJNGVzIEwR4Z9ikH94-xtAoiaCkYKv5Om_elHR2lyq3UQx8pP9is0XSwgSVLApPeAA9cPvjNxhGIJkNsgQDPcupgea_xunB2AqbT-IsuYxDIUhY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://qa.elbwaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| qa_root string| qa_request function| $ function| jQuery function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

20 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m9q1KK-8b5afc2ed421f38e8d-002
.google.com/ Name: __Secure-ENID
Value: 7.SE=fXg_BW1HVWt8IctX4DXCpA33cui2zbbMVeoZu4vL_S5XLSe9XyKNRAONeX2ipuBcGqRYI3cCLWVyC08loPz0GrYVzK2thxCh5RPa_2ZpnMxIeQubX98tyz3jZw4k6Y-GEKqfH2zvGcZ0rhnJnSHuterauTtW4lNLVMk3enwvmB0
.google.com/ Name: CONSENT
Value: PENDING+256
qa.elbwaba.com/ Name: PHPSESSID
Value: 133dfa3a7b41c48ce8f813c26dbae47d
qa.elbwaba.com/ Name: qa_key
Value: qh807dmvrv5vq6wdfi7vm4p08ubgg0bu
.elbwaba.com/ Name: _ga_TM8RE8VEQ7
Value: GS1.1.1666748809.1.0.1666748809.0.0.0
.elbwaba.com/ Name: _ga
Value: GA1.1.1152264564.1666748809
.elbwaba.com/ Name: __gads
Value: ID=1f8caeb1fa6b3889-22f10c5255ce004c:T=1666748809:RT=1666748809:S=ALNI_MaQL-U5aSpYSlR7H-eUbPsjxJAcAw
.elbwaba.com/ Name: __gpi
Value: UID=00000b7871005475:T=1666748809:RT=1666748809:S=ALNI_MaVkbSlIEAfKPNpeO05Umf-CMFAhw
.doubleclick.net/ Name: IDE
Value: AHWqTUkWFCvx2Mf4KwsyHCizLmdzyV22Ywsv_jEX-LccVmn9b8lHfc8KeDrtDsK2GFM
.casalemedia.com/ Name: CMID
Value: Y1iRioyrNxB-f6WzNWXOPgAA
.casalemedia.com/ Name: CMPS
Value: 2156
.casalemedia.com/ Name: CMPRO
Value: 2156
.myvisualiq.net/ Name: tuuid
Value: 82123594-aecb-4a47-a199-bf7bf7a8006c
.myvisualiq.net/ Name: c
Value: 1666748810
.myvisualiq.net/ Name: tuuid_lu
Value: 1666748810
.adnxs.com/ Name: uuid2
Value: 201754099773006514
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%wkXI=z!]tbPl1M>e)ZlrFUfJ+tGXxom><.K/Fs!'ZHg6C6AHH=7^)]ZHao7r/<%lms*bpRz*qF1`*b_r7*8n1r
.clinch.co/ Name: clinch-sid
Value: adf7993b-109d-4eea-8f8a-52fb56565967
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
bit.ly
cdn.clinch.co
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img-cdn.clinch.co
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
qa.elbwaba.com
realtime.clinch.co
region1.google-analytics.com
t.myvisualiq.net
tpc.googlesyndication.com
trk.clinch.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nusoulhubradio.com
142.250.184.194
142.250.186.130
185.80.39.216
185.89.211.132
2001:4860:4802:34::36
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a02:26f0:480:b::210:f1cf
2a06:98c1:3120::3
3.126.26.70
3.220.229.144
41.185.64.51
44.207.12.74
50.87.253.242
67.199.248.10
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
06b0bf970913e1db3b38f4bf598d80972cc46169964a0c9879c1e5100750e6da
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d26691bd967b89574a1b86fe718c5e35c6a236d7c96971feb6826f4b73078be
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
15d1bc2defbdc72e47add048effa60c19d6d2d6fae90f041551882fc965f3ec7
161bdc6663b0b27b455a45be342681314b6dced363e4f1b94a4359730fe12e5e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
25d61c4a7d82b029484bf0dbc6d1e78b201a3ff791efe22d4e78b1a0f2c25252
31e9224386ee43fc0e1efa90cf82a54b3ffd7a96b09da78ec101d1d645cc4e0d
35cafb0fe0c776b839b90fc6e2f49643c7cbe08021909281bfd2816dfb441629
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
38a743f65d5682341f69c68de47c226eee291cdc3d8d582da1ad9aaee049038d
3df49d16ba080e021e0e1011dcece6cff8aaed665d2cea07a815fc01dde5c567
4557d7df65bd8a955ab67723ea6ef4f7496aadde35a565b9069481bcc2ca0153
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd3b54d411ddb86197274529dc685f9098aef3e9d82734b73cfc9b6f2cc82fa
4dd4cb223f540a3be7a0cb8d6f7091ba61452fdb0346cef751842c5c8044a858
4e64d4ce35d0f150f580fcd71f011e55f47e8b990d10bbf50d41d70ce2a3cefc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684ca2bb053a29d2ba8dc293c083e31c5d9db90a1ced25312dc9363973a205f0
70d6b2361f7519708dee4ffa6f347ca978e36c9daf41a8f777d46e65949084ce
72d71ab2fb803b282ace657ff8d640f3ddf4f03f8a30d29e5cf54b0041dbc167
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
835733f3507f55f9c5bd2f4cf85433f511bbb831fd7bfe29eed08fa4bfe6995d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
910ae1236390d693556a56834808aa74753e59939dc285cb99863502b7757882
93c811f52cf6b70b0740700ac6b416abeea3c169cff227242725a83eb0a224f3
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ee591308213320b3483e8d7e904935fc3b71b0acde743c7409973600caa1cb
a6ca20580b8e406d3d39dae73e6fca438b466a8dc2c8ebaf26362fbfe7866963
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ad8f20d6a1e41e6ad324068c2807b4d2472507e17c1144eac1b38387a011ebdd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dc5d8ce1c255e7a7527b5ffb562c2ca414e1f22d0af78ea9758523d42fa39a
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
b85bfc116e033e6c089493ee94e90f03e192410c3652fc99bb45bdfad39bc23a
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bb5f9c400ad9e4f64c71e6f46fe20067ea6c3cf1486842d15d46d9b5b99b4091
be378e16bb62713627e57596358979d927130970704550aad75847be7bd99707
c41bbe6abef2f75f5ae16d2ecbd35a8999e1ffb3096fea56ff7139e073b083f7
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cae2d63844e8a31942eb6913491400b30b2da355201d94c8a2c3757f966fd265
cdc3f56d40387b4811bdbbfee5da858822dd1a79eed94337ec0e1ae0048fa01f
ce17e2afc1df45e2af285626d1f3488f2a28c5b581ecc0f61682f83634ae7acd
d521fa39ee66ae4d3cb0685a2109e6c1e69ce3f2bd15cb6855242eca12b59105
d7b49c8a74366d4554e2d2a0e4aea26326aeca5b9282e971ff158f9dc8e7151e
da2a6d3458fb733ddfa537872a2861e52a5eaebebef3fdad52c97cc14209dfc3
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e07b671ffdcaeb84f255f1e4b8903c4e683bbbac680ff553f8f0d070f19ed6
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
eef9c6d710d5ffcef3be008af76ea83a68d1d22b543c4de2be6dabdd4f53832c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b5d792d67969a3dde0952a0e6ec59186d2c8d1de576fab053aa8b3db67540
f147d8545b724d3629e98140c32fcc3d25120f3a8530b5cd7a6b75e390aa735e
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7abf8b0e1b42ac6258c8cb23aa5ba1d5f7381f76b742df99740c6838832e396
fa20017aa51659257caa1474652600099eaf16ca50ac5078ce3b02af2109f45c
fac7e0f42023925c6d3b86a6a4707e3ba68667c11b695dbfe6c6d8b7f83160ee
fc3ff4c03850bd8a0ba7afc5391ae23a2d8004707e3936b330cedb47356d3682