bowfile.com Open in urlscan Pro
2606:4700:3033::6815:254f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.it/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj1mY-AuZf6AhUvMuwKHRY2ANgQFnoE...
Effective URL:
https://bowfile.com/dk7B
Submission: On September 15 via manual (September 15th 2022, 6:44:09 pm UTC) from IT — Scanned from IT

Summary HTTP 138 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 27 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3033::6815:254f, located in United States and belongs to CLOUDFLARENET, US. The main domain is bowfile.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2022. Valid for: a year.

This is the only time bowfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
28	2606:4700:303... 2606:4700:3033::6815:254f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400c:c08::5f	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206e:1800:7:f62:ac00:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.174.88 52.222.174.88	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	104.21.24.109 104.21.24.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	158.69.139.225 158.69.139.225	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb	16509 (AMAZON-02) (AMAZON-02)
138	31

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3033::6815:254f (United States)

ASN13335 (CLOUDFLARENET, US)

bowfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c08::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:1800:7:f62:ac00:21 (United States)

ASN16509 (AMAZON-02, US)

dyrfxuvraq0fk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-88.cdg50.r.cloudfront.net

easeavaila.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.24.109 (None, )

ASN13335 (CLOUDFLARENET, US)

hrmationeng.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	501 KB
28	bowfile.com bowfile.com	1 MB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	119 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	173 KB
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 7103 ic.tynt.com — Cisco Umbrella Rank: 4104 de.tynt.com — Cisco Umbrella Rank: 1445	9 KB
9	google.com 3 redirects accounts.google.com — Cisco Umbrella Rank: 77 adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	3 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
3	google.it www.google.it — Cisco Umbrella Rank: 21871 adservice.google.it — Cisco Umbrella Rank: 47866	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	2 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13619	3 KB
2	hrmationeng.xyz hrmationeng.xyz	963 B
2	easeavaila.buzz easeavaila.buzz	2 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 25193	101 KB
2	cloudfront.net dyrfxuvraq0fk.cloudfront.net	54 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	457 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	463 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2989	344 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 15065	183 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	644 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	73 KB
1	waust.at waust.at — Cisco Umbrella Rank: 36718	7 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
138	27

	Domain	Requested by
28	bowfile.com	www.google.it bowfile.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	pagead2.googlesyndication.com	bowfile.com pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net www.google.it www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
7	ic.tynt.com	bowfile.com
6	fonts.googleapis.com	bowfile.com googleads.g.doubleclick.net
4	accounts.google.com	2 redirects bowfile.com
4	fonts.gstatic.com	fonts.googleapis.com
3	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	t.dtscout.com	waust.at t.dtscout.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.it	pagead2.googlesyndication.com
2	hrmationeng.xyz	bowfile.com
2	easeavaila.buzz	dyrfxuvraq0fk.cloudfront.net
2	pogothere.xyz	dyrfxuvraq0fk.cloudfront.net
2	dyrfxuvraq0fk.cloudfront.net	bowfile.com easeavaila.buzz
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	region1.google-analytics.com	www.googletagmanager.com
1	whos.amung.us	waust.at
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	bowfile.com
1	www.googletagmanager.com	bowfile.com
1	waust.at	bowfile.com
1	www.google.it
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
138	35

This site contains links to these domains. Also see Links.

Domain
www.wikihow.com
www.youtube.com
cookiesandyou.com

Subject Issuer	Validity	Valid
*.google.it GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-20` - `2023-08-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.pogothere.xyz E1	`2022-09-04` - `2022-12-03`	3 months	crt.sh
easeavaila.buzz Amazon	`2022-09-13` - `2023-10-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.hrmationeng.xyz E1	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-25` - `2022-09-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://bowfile.com/dk7B
Frame ID: 401BF4ADABBD1BCDBF1438870CAC28E1
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Frame ID: 205EAD733E544F813940DE910FDDB965
Requests: 1 HTTP requests in this frame

Frame: https://easeavaila.buzz/NFM1TXBVMVYgT1VuV2sFRj8IaEJydgcLFE0hUzUFQiFUPEBSOBsuHFsmUSsCWz1BYx5RJxB/NncJBD0GewRCCD5lFVMYCHkpdjoiYgZYeChwFQQPPXYrYgwYUD19IyVaGnQmKGURBQIWdidxDjZEImYbJXoQYXwjfCReBz9iGnweF212Bw80ZQFsHCMANWMqFFUdXXg/dSRgODNfHnoIOEMyYgs1fx1nGyF1EkZ6I1MgRBgeZjV9C0VsMF0lIXU0eHw3cSN/GydbEWEYHGIyWXk6ZT9RaEJyC305OmIEWhQldRlnLxtbGHkmOlsLBQsRYWB7BjMFJHIGGBlqYw4idXYHCzRiGnMIQw03U3wcYTFgCDtjOH8iKEwWfQkJABBjGBxiFGAiPGwSRjcycit/GydbGm0MSHkdYBQTbD9WeDIEIHEOGg0YdjQAYzJZIihsFlk7KFMRbx4nQDdxCBxiMl01KXc0bCIyXCtQBCcNMHEmOmExcCE9YQVsaxpHPFs9TUUffgojTCpEJA
Frame ID: E6275D56B9B1A9AA9FD167B706015906
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267443747&bpp=4&bdt=986&idt=334&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&correlator=7398430033619&frm=20&pv=2&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OWwkwIB7Io&p=https%3A//bowfile.com&dtd=351
Frame ID: 4F26D5735158E55B005778B3F61A4C7F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1663267444&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbowfile.com%2Fdk7B&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267443970&bpp=2&bdt=1209&idt=133&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=138
Frame ID: 488BC56F5FE27D4B45FE6B829C4938D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15
Frame ID: 948141D52858BCCCA6881875F0FF5FA4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3197078125~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1200x90&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0%2C1140x280&nras=3&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OVQeH8cqcA&p=https%3A//bowfile.com&dtd=19
Frame ID: AF8147C2E8559886ACF979E672626BA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=90&adk=1753261642&adf=462635073&pi=t.aa~a.3407205583~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x90&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=1&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0%2C1140x280%2C1200x90&nras=4&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1JFobmmQj6&p=https%3A//bowfile.com&dtd=22
Frame ID: 5EAE834CC69CDF88A55532A7247EA339
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3714FCD7481266A47F8352B85C0FABB0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js
Frame ID: AFB4B51FA472B5C3E737A9EDC63FC21B
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 38DD66B764F0AB426CA33C20EFCB508F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C70A6469E14B0BE6261AFE2137DF5B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19B8A42B5AE1CCFB6FE82FC66ECB5F77
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js
Frame ID: 37DA865EC5EFE8F08D684003AD9A38F3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js
Frame ID: C196C763F20CFB646F42B160733E7F48
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4343F8FC71A53480479DF80642653803
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13D9B69D98028F34B76C1469DA11E9F7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CCleaner Professional 6.03.10002 (x64) Multilingual.rar - BowFile

Page URL History Show full URLs

https://www.google.it/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj1mY-AuZf6... Page URL
https://bowfile.com/dk7B Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

96 %
HTTPS

59 %
IPv6

27
Domains

35
Subdomains

31
IPs

8
Countries

2270 kB
Transfer

4489 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wikihow.com/Disable-Adblock

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=roWd3cISn2M
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=e3x4M3gfhhM
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LgIQY3uavf8
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.google.it/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj1mY-AuZf6AhUvMuwKHRY2ANgQFnoECAkQAQ&url=https%3A%2F%2Fbowfile.com%2Fdk7B&usg=AOvVaw2wZ0zRg0Ogj8xJjc_ghBnO Page URL
https://bowfile.com/dk7B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-234640997%3A1663267444084964&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrjE9lll114LzVDu8MPt4kkitOYtD213qcAaeUb9i6IBUO_QPlw5ZhAOe0icrJ9wtHnANxg

Request Chain 42

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-586914611%3A1663267444095382&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpDIHJiDoJe_iWkhOB_1bz1JPIz6Ax6dCWpWrfHQlp3px6eF6Aam7DTwAHftFls8MhksPLl

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECobkod-b5kGV7ODW1V1D38&google_cver=1&google_push=AZmPxg9DWXO2F7EqrVa1cr3JTjI_euCSgP96gExFJOJkct5xOtnLAXTRVmGKMu4lw05A2Cc6eOyO_i_gZiUMZGYOP-Kd96sBaQzP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzRUhRUjMtMjAtVE5a&google_push=AZmPxg9DWXO2F7EqrVa1cr3JTjI_euCSgP96gExFJOJkct5xOtnLAXTRVmGKMu4lw05A2Cc6eOyO_i_gZiUMZGYOP-Kd96sBaQzP

Request Chain 125

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_cver=1&google_push=AZmPxg_0snEY3zNWoJPa3SfQ9TcUa32IIj3ymrcNIwN6rYtdw4U68b0QUgRWbWtxebYq1UV52e93DYRgo6xrtioQaTB5OKBWqssF HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_push=AZmPxg_0snEY3zNWoJPa3SfQ9TcUa32IIj3ymrcNIwN6rYtdw4U68b0QUgRWbWtxebYq1UV52e93DYRgo6xrtioQaTB5OKBWqssF&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_hm=YyNydc2KqXeSic86NP4uyQAAEVcAAAAB&google_nid=index&google_push=AZmPxg_0snEY3zNWoJPa3SfQ9TcUa32IIj3ymrcNIwN6rYtdw4U68b0QUgRWbWtxebYq1UV52e93DYRgo6xrtioQaTB5OKBWqssF

138 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 url
www.google.it/ 920 B
1 KB 268ms
108ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.it/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj1mY-AuZf6AhUvMuwKHRY2ANgQFnoECAkQAQ&url=https%3A%2F%2Fbowfile.com%2Fdk7B&usg=AOvVaw2wZ0zRg0Ogj8xJjc_ghBnO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 467
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 18:44:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request dk7B Show response
bowfile.com/ 23 KB
6 KB 162ms
93ms Document
text/html 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/dk7B
Requested by: Host: www.google.it
URL: https://www.google.it/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj1mY-AuZf6AhUvMuwKHRY2ANgQFnoECAkQAQ&url=https%3A%2F%2Fbowfile.com%2Fdk7B&usg=AOvVaw2wZ0zRg0Ogj8xJjc_ghBnO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87886fe5c3e3032ff9a3bb6c20b2c5ef995e5ac7b98271b90b0bd860fe476d2e

Request headers

Referer: https://www.google.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache public
cf-cache-status: DYNAMIC
cf-ray: 74b382ecca49f92f-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 18:44:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXBTL7f2QKAv1Hv6M2VXKR3RSlcGO3uiyquOyVEGfTp2Gh3qkn4VskffxLeVwDUeS%2BAQYmtJ6jSSu36Iv9kg4n3afUfzn05f2pPZK56DzNPgw9InaSEQcI1MnmPpW0GJrucaDXQgWhbOAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 75 KB
13 KB 61ms
58ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
age: 2680
etag: W/"5f8bebbe-12c7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZf7PIW1lZlecdCZsSefUKKzgVR3pEDsabPAOEc4G0qpndvX%2Bl%2BsIcFEmReV7wfKxqEZ%2BhOBHypMW4ZDZy48UkH%2B%2ByEC0RTj0iJvOzt%2FM97i9hNkdttkwQTUKhp6uiK0knP63s25e2tu0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382ed5af4f92f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stack-interface.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
787 B 36ms
33ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3057
cf-polished: origSize=3160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWAU4SC5CPv6Tpr6B4kIDgZQM4aFopKsTwrpElnQCprmMwLVHzkiviutvsMJI4POkBz3%2FomrEOgFMeocFUawyaj37CiL65jo%2F1KzqMcY%2BdU6BLKPr3nm37pQ8bWItdOTuWV01o%2FYV25e1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74b382ed5af6f92f-MXP
cf-bgj: minify

GET
H2 200 socicon.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 34ms
31ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/socicon.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3057
cf-polished: origSize=9838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-266e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSqjKAyOvBVmjbnHb2oWkrlQCu4ibdozU5SpIajfsbcRvguvXPsyfuYMK0P0PpYf%2B1LZJCmPL%2B4uvk3pHarXZ7lGUGr35fmEg3O%2F3yyqF4sm%2FCQdEqVsC8O%2BGyEhvdXYpqpdT6G6lapK%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74b382ed5af7f92f-MXP
cf-bgj: minify

GET
H2 200 lightbox.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 34ms
32ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
age: 2680
etag: W/"5f8bebbe-f31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkCF9wEFvh9XKNT8z%2Fp62Zjd0KMZ0TeCo1wdrnzAuN0sJlYdMHvhjUkNRDed1lejLB7XfMHwj0q27CENmbdOmAGB1asg2JoBM2Qbp2EM4m%2FdcpClhY4N59xHVeL2w7j5U41MrKMY%2Bw14uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382ed5af8f92f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flickity.css
bowfile.com/themes/spirit/assets/frontend/css/ 2 KB
904 B 35ms
32ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/flickity.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2680
cf-polished: origSize=2521
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-9d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj8rAPPp37wmxzKyNYSi9pC2AQiAfNZu5Pdce0RtwrRTVDqJrMibjDu8ZWlGZe8p6x20BClZg3bHmM%2FFZB2tmeAGEh9FqdbNGFxKSB%2FDOC5xh8SSo1VISXEvgaw0Z5RvgW%2F1Hf4fnzuAIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 74b382ed5afaf92f-MXP
cf-bgj: minify

GET
H2 200 iconsmind.css
bowfile.com/themes/spirit/assets/frontend/css/ 80 KB
15 KB 37ms
35ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/iconsmind.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2680
cf-polished: origSize=102727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-19147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTYxU08r%2Byub%2BKCo5TRCXT7W20KEgiBAq6Jmvd4iiaeqYVk%2FCIYGOfRya%2FWp6GjMcKdtrOosg47wJpfPDvsDWnfpMXCsvsuSLb8EsM41fb%2Be1KsmncQ%2BbigP080uT%2Fgnes83xNCO%2Buljpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74b382ed5afbf92f-MXP
cf-bgj: minify

GET
H2 200 jquery.steps.css
bowfile.com/themes/spirit/assets/frontend/css/ 4 KB
1 KB 59ms
57ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3057
cf-polished: origSize=6019
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-1783"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfOgfrWKPC9twWxfgECqlRupl7k09abIGTZzL07kOBV5k%2Fvl4MIjbeaVHmCuAQd5SQObOiA02zgs%2BPKyvbuvJ5AOeIl6i6dx3Do564H207%2F05ixyH3h1EPFdq1voXko1A6if%2FUu5onX9Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74b382ed5afdf92f-MXP
cf-bgj: minify

GET
H2 200 cookiealert.css
bowfile.com/themes/spirit/assets/frontend/css/ 12 KB
9 KB 56ms
54ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/cookiealert.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2680
cf-polished: origSize=12369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
etag: W/"5f8bebbe-3051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8rfeTZ6nIUyL%2BIEa5en2RZB6iWrly%2BFsp%2FsXvG4hFQbA9UqwIbVtYli0e5pLVTG7WNOY1U%2B6lxPvn5GQCASDlR1Ga2FQrMT17K7J5GGzf0dE3ujrgACH5ONYRrYMQSofdi%2B%2F1kQE7HXzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74b382ed5afef92f-MXP
cf-bgj: minify

GET
H2 200 theme.css
bowfile.com/themes/spirit/assets/frontend/css/ 159 KB
28 KB 38ms
36ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/theme.css?var1.2
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2680
cf-polished: origSize=207645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 22 May 2021 14:46:41 GMT
server: cloudflare
etag: W/"60a91951-32b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUbkcRSYIjtvdyKIBRmFVvtsWb67PQLgz0RFhee6OUJcafr2cFhFAGf%2FNLeXs9eleyaIGDTWtSmefutuIGZ%2FTgbcHSazxFBfQ%2FRyW2A0Tj8EOVpHra%2B6gIY0yYv1FHR3ZbnbwOWjXWir0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 74b382ed5afff92f-MXP
cf-bgj: minify

GET
H2 200 font-awesome.min.css
bowfile.com/themes/spirit/assets/frontend/css/ 58 KB
13 KB 36ms
34ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
server: cloudflare
age: 2680
etag: W/"5f8bebbe-e6ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Je9IVrdupTc01Jyo%2BhGtBVFAYI8Mx1czIEmDCMkL0J%2BhPt7Il%2Brz23Eqd1oD8EUkzFmlEL%2F2hpCmL6ofp%2FbC5lNQeRprct0jwum4XxppnZ1%2BTJtD184RtKjRjGL0TUJrdC5zh7dzx2lHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382ed5b00f92f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 custom.css
bowfile.com/themes/spirit/assets/frontend/css/ 7 KB
2 KB 60ms
58ms Stylesheet
text/css 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/css/custom.css
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2680
cf-polished: origSize=8936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Feb 2021 16:28:48 GMT
server: cloudflare
etag: W/"601c20c0-22e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLPCp90WRt6Vj5unsq9TCPP9wurkqxUo%2FwiM0PJMH982Z2t%2FEBqIZv8Zo9Ll130W4i8Q9QamOJKa3cOW721PAmhS4t937fZJ%2Fj%2Fc%2BtT%2FjKHOrSamoh2Ff8pYUdg55Vz7ChT6UyejNmzWMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74b382ed8b2ff92f-MXP
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 416ms
126ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Requested by

Host: bowfile.com
URL: https://bowfile.com/dk7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5f690ea1f752b40ea9bb8a23ecbd0d04ff541bb9c64eb22820d2a43b0a5f9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 18:17:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:44:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 419ms
129ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bowfile.com
URL: https://bowfile.com/dk7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 18:44:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:44:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H2 200 xads.js Show response
bowfile.com/js/ 151 B
492 B 118ms
117ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/js/xads.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:02 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1b4MouHKtqOS3F%2FEcYoe8z7BkAwUYNySTbQTPJZN23PmDPW2rdUP%2Bgt3ocnQYflJDapRnOQy0bdHYhMn1nOpsNxNS9oaCiwnhOugLUGk3jmCGKieN4GymLuLyIHss81bnINfruqhxrP42w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, no-cache, public
cf-ray: 74b382ed8b33f92f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 primary.jpg
bowfile.com/themes/spirit/assets/frontend/img/adblock/ 13 KB
13 KB 220ms
218ms Image
image/jpeg 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bowfile.com/themes/spirit/assets/frontend/img/adblock/primary.jpg
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: "5f8bebc0-3209"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtVu5smNF9EP91VToNZu1HnuOq56cp6SSrWESBN8clDSrfO7uv43zboZu2lYeICbQN5PYaMJeklKdYpkwgzVCmWiKgsEv%2BWJwAvmodVlnYv92pZRQ4hvgagIFcuILHKNer4kzon0eTJ%2BCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b382f00c92ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12809

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 354ms
156ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bowfile.com
URL: https://bowfile.com/dk7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46bdd3ffc0ebf8766ef371a94df6af6ca0e2e8ef39b248224ea6d565883ca738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58113
x-xss-protection: 0
server: cafe
etag: 2710064906995122832
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H3 200 lg.png
bowfile.com/ 788 KB
788 KB 249ms
246ms Image
image/png 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bowfile.com/lg.png
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 00:28:32 GMT
server: cloudflare
age: 675
etag: "60a45bb0-c4e0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMUedwDvI9L0Fqj%2FXJl0W5xsnc5bF9Oymx1%2FxN1CrhrCzWAms2%2FF1de0LXDLSh8BEZRB83ijrqeybhueeP2ssI%2Bggpuk%2BlzyeO3B4Nj2BIjkANTPgUMFlLEegQ7GYPHwcjI3KwjSf%2FXc7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b382f00c95ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 806415

GET
H2 200 / Show response
dyrfxuvraq0fk.cloudfront.net/ 162 KB
53 KB 425ms
322ms Script
text/plain 2600:9000:206e:1800:7:f62:ac00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=954851
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:1800:7:f62:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 22b4b2572cf1822d1dae8bf4fce6845a56eedadac310ba8d0741aafcc7bfbf1d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53922
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58fe.cloudfront.net (CloudFront)
x-amz-cf-id: 86Bcbfhapzs6gmA21fRMZgohifqg3x7zqN-Wcl1k0T5FKYdvLBqU4A==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 446ms
197ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520

Requested by

Host: bowfile.com
URL: https://bowfile.com/dk7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3aabebc03de33e13fbcc51a82116f8e2a6ff4212d20db2845ac143012c2583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Origin: https://bowfile.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58095
x-xss-protection: 0
server: cafe
etag: 11361386254521849069
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H3 200 jquery-3.1.1.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 85 KB
31 KB 65ms
64ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 675
etag: W/"5f8bebc0-152b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6UYtPyoFIlAenqwAX4%2BQQ9o3xXFJFK5wPC2oT8TbT%2Bk0FY1qU5m3%2Bv579nXxO%2BMmZaZJrqpy409E5vGEwof64fY9Bb7s5cTouYMBcyitAMo1DzviIlBH3WASQxkosjvOaZ%2BZRbYWyrZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c6dba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.dataTables.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 68 KB
20 KB 37ms
34ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
age: 675
etag: W/"5f8bebc0-1107a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U74%2FJCIarSKhDLFBvjwBoqQsXGgTDrO1Y2v%2FYP9sBrXS0hEnGVaq6ZZ60fsqfrMf%2Fa%2FXqw3PlmHYrIV4WoZutbUykMR5qQi0SZkosn4k2Sal7nlI4w3JuMYAi85LhdqAcsUYmPx15b5XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c7bba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 flickity.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 53 KB
14 KB 147ms
144ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-d271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ1XnMzJNplFlsjY1nmPpfyRIU86peMqvmEPdiSiQABIOMcUhyw8lcsL6xHm5lz1II4xKWdX74oyKSuIyFywxwceViJJy7%2BDDpd6HGPLqrJnH99HrirJkGcUdh1DpGIvtZmip%2BHKqqe%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c81ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 typed.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 4 KB
2 KB 170ms
167ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/typed.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-f6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1cfdNOeQ1RxP6Z2o9LDI6KoSHetdR2szeqo1dHC3KbOkvaO7HAElAVO%2Bt7V%2BMPkHUpqc6dI4%2FXlm0sPzriQ89rEbnShUyUfEfqJyL5NW%2BPV3csCGAhMWywfdKdKLWFf%2F2eialQOrnNwdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c84ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 datepicker.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 20 KB
8 KB 170ms
167ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/datepicker.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"5f8bebc0-51ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFAADe7jTYIhdl64TNZoII0XNEfloOgHvagi3OsHXf%2FrGHSKcbPBWR18ExOpfiKh3gBNDhhit0QvLh2zpb%2BjQmafVY1XZzdUAskYaKx3ID4zBmvVlGIyNlrsBwwaUXuKhi%2BNJGUwrA46Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-polished: origSize=20975
cf-ray: 74b382f00c85ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 granim.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 10 KB
3 KB 921ms
918ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/granim.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-298b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbsfC6sDtusN1XZSoEoiBQOhqFv%2FZz6xoP8IIrLk%2FwziWAfAMdy2wLVpKVOtFn5IgeVBQcEy4WK55HTNFKx5S8mKHs5oJVoySJBMQWt4XnS%2Bvn%2BWGuTyr%2BQVwP6Wy%2FTGPsGuMRdbPGBG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c86ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.steps.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 14 KB
5 KB 989ms
986ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-3626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjJDWo5%2F%2BnUysvhq4ESMuTNp%2FIK0QLN51M8a02EqKNatCl%2Bg3sllR0fegNDmoFb5hjg5dOa5pNcciLK6%2BUYKDodQLb0KeM5XCy02RXZhAaINWRQaTL4VtJqPDWuNdhLJJo8hTGjkRjOZmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c88ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 countdown.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 5 KB
3 KB 990ms
987ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-14f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3d5TsEfUklsamGDn5L58PjLRbHcS55oy7isJUskPGHYPWlPIbJ1tqYk7vr5sC6xgdzwKoRXttQKYJi5uqlib%2BZlacVLd6jyaN5U1vXBrwrEB04q8DSsIEzh0CestVWzkp5cdGr9MBKTjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c89ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 smooth-scroll.min.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 6 KB
3 KB 194ms
192ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: W/"5f8bebc0-178c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Iub9JDCx0dKsnHIxpuN0dHivYawOFrLKYvinc9g4CsMp%2Bc2%2Foo95xw%2FQAp7WOl7uVD6CsP5IHTJv8yVrwTaXo7WI7AtHMgS%2Bl%2FUevv5XPC8QjBR68isUvRztTqmVh24rwKu0Ae41EiUXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f00c8dba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 65 KB
17 KB 194ms
192ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/scripts.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"5f8bebc0-1c0ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BpmDMMBmMvgm46OuTCX8TY43B0LHtNlbZKcqdKq6fALCHf7Pygu%2Bx9GFCaxKPsIqKelIoBZOZAeJws29EdxRH2efJBKCm5THa3%2BxCnW6zoOF4Qio2jgoyzi5MjlWl0VlPbjHnmfCSCW5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-polished: origSize=114862
cf-ray: 74b382f00c8fba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 c.js Show response
waust.at/ 13 KB
7 KB 110ms
43ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/c.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da89bf5cdeaed1c080057dff7314a4803b9a076bc851efbc032a7ff9cedb94cf

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 18:12:49 GMT
server: cloudflare
age: 2782
etag: W/"630d01a1-329b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CvQsPYwGzIelHTB%2BCHsef6Gu%2BbbBdmxh8s2LVttASJmia5mMeAapEwjujxm6R7to6e%2FKgVnx84whvrFI%2FFv5dELcK2fljQRhCBpOpo%2FaW2pADhRaY2xSQob%2BPHOcw1mU5eOaQyW"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f078e9bb1f-MXP
expires: Fri, 16 Sep 2022 17:57:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 286ms
76ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2

Requested by

Host: bowfile.com
URL: https://bowfile.com/dk7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c0e01eedd16492ba2432e1c306cc9a6b98a68ae3d56f6c50db90edc6fd5235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74650
x-xss-protection: 0
expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H3 200 cookiealert.js Show response
bowfile.com/themes/spirit/assets/frontend/js/ 935 B
1017 B 220ms
218ms Script
application/javascript 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"5f8bebc0-72c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnuxyKqgbtyJNi7Dwbrc2YhEDOV2Sudps1EIgD0%2B0hqCp2VIdEnSYAd6eLS1REhFB1a%2B4TxWOzEXbPckbKWIv1vJN7ICg%2B2zDktQg43IPbkiHT9476%2BsQFtlxKvl%2F%2ByZ3o6mS5YUUxVoSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-polished: origSize=1836
cf-ray: 74b382f00c91ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame 205E 10 KB
5 KB 142ms
41ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 45397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 06:07:26 GMT
etag: 8616628553774171045
expires: Thu, 29 Sep 2022 06:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 301ms
238ms Fetch
binary/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=954851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 15 Sep 2022 16:11:05 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4Y0ldtITwGQfDkojqz9iXCZxW3yDEDrsBCG2GIAuapjxTgbQBpbbPDLyinQeDGId8VjP0UWULq2db9o0f%2FvbC%2Frf%2B4HiXlF%2BU2wcppN5dBNO5WJGKEdyNRPytP3GAyh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 74b382f39fa1baed-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 26 B
631 B 195ms
132ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=954851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ced1f8c0b694ccb6f9749f6051db6bd26fb52bbf8a3b6249b637d3fafaa0abc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://bowfile.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfmVC%2FP9dyd5WCNxjeg4EK8GZx3WwFPWVV%2FGtyUtEzFqliT6%2FkdCgxyAYYkcjQkJt92FnczDJ%2BztdZksVmnF3HitInB3vukeQnLRRG6NTGn0ImpPEy0uQMQlN61Pm807"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 74b382f39fa7baed-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
easeavaila.buzz/ 0
485 B 357ms
221ms XHR
text/plain 52.222.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easeavaila.buzz/utx?cb=9c0PsAJSnOGH&top=bowfile.com&tid=954851
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=954851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-88.cdg50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:03 GMT
via: 1.1 4e4ca876a59e9f2e22ec751bbab5f282.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bowfile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: UtmmKdz2WwedpFc3F4kopsMa0385tyMrQsMPWoHQW7EBshYj3sE95Q==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 408ms
134ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 258809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

GET
H2 200 GydbGm0MSHkdYBQTbD9WeDIEIHEOGg0YdjQAYzJZIihsFlk7KFMRbx4nQDdxCBxiMl01KXc0bCIyXCtQBCcNMHEmOmExcCE9YQVsaxpHPFs9TUUffgojTCpEJA Show response
easeavaila.buzz/NFM1TXBVMVYgT1VuV2sFRj8IaEJydgcLFE0hUzUFQiFUPEBSOBsuHFsmUSsCWz1BYx5RJxB/NncJBD0GewRCCD5lFVMYCHkpdjoiYgZYeChwFQQPPXYrYgwYUD19IyVaGnQmKGURBQIWdidxDjZEImYbJXoQYXwjfCReBz9iGnweF212Bw80Z... Frame E627 3 KB
2 KB 225ms
138ms Document
text/html 52.222.174.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easeavaila.buzz/NFM1TXBVMVYgT1VuV2sFRj8IaEJydgcLFE0hUzUFQiFUPEBSOBsuHFsmUSsCWz1BYx5RJxB/NncJBD0GewRCCD5lFVMYCHkpdjoiYgZYeChwFQQPPXYrYgwYUD19IyVaGnQmKGURBQIWdidxDjZEImYbJXoQYXwjfCReBz9iGnweF212Bw80ZQFsHCMANWMqFFUdXXg/dSRgODNfHnoIOEMyYgs1fx1nGyF1EkZ6I1MgRBgeZjV9C0VsMF0lIXU0eHw3cSN/GydbEWEYHGIyWXk6ZT9RaEJyC305OmIEWhQldRlnLxtbGHkmOlsLBQsRYWB7BjMFJHIGGBlqYw4idXYHCzRiGnMIQw03U3wcYTFgCDtjOH8iKEwWfQkJABBjGBxiFGAiPGwSRjcycit/GydbGm0MSHkdYBQTbD9WeDIEIHEOGg0YdjQAYzJZIihsFlk7KFMRbx4nQDdxCBxiMl01KXc0bCIyXCtQBCcNMHEmOmExcCE9YQVsaxpHPFs9TUUffgojTCpEJA
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=954851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-88.cdg50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 2aeb0d1ee7dfb8d7d0b50c8239795e1c1d71931e8ce2d75fef50660eb366614c

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1231
content-type: text/html
date: Thu, 15 Sep 2022 18:44:03 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4e4ca876a59e9f2e22ec751bbab5f282.cloudfront.net (CloudFront)
x-amz-cf-id: 39ybyKwXfNTMI4xl5JoyRzBByWEVEsDYxgr_HsDTRU2LUw6IWKZQtQ==
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront

GET
H2 204 VXJAAX0KfUcAfw18Rw5y
hrmationeng.xyz/SzlPcTdkBiwCChFsBkBgDFEYFEANSBgdeTx7CBlWHXECNFZ6UmkFXi8EdkQDcwx+V0ciXXJAEThNLgVCOAR+V14lXyBMET0Efl8Efxd9SRl6HzpMBm1NPxBQdghpAUM/ 0
410 B 217ms
151ms Image
text/plain 104.21.24.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrmationeng.xyz/SzlPcTdkBiwCChFsBkBgDFEYFEANSBgdeTx7CBlWHXECNFZ6UmkFXi8EdkQDcwx+V0ciXXJAEThNLgVCOAR+V14lXyBMET0Efl8Efxd9SRl6HzpMBm1NPxBQdghpAUM/VXJAAX0KfUcAfw18Rw5y
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhQKgdq0DhGIWbjsNhBRn4K6I7ToZd%2BVXQuyQAjiHFgR60RBZMjG%2FQ9k45HD6H1l5kZC4ScmY8%2BVVpcmVA87pziXdT7QchIjtm6jtY03zlkTOp7ovNfI41Xin%2BSICR4fC8k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 74b382f3eca9374c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 555ms
240ms Image
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S-234640997%3A1663267444084964&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...

0
0

155ms
88ms

Image
text/html

2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-234640997%3A1663267444084964&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrjE9lll114LzVDu8MPt4kkitOYtD213qcAaeUb9i6IBUO_QPlw5ZhAOe0icrJ9wtHnANxg
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Server: 2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 393
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Thu, 15 Sep 2022 18:44:04 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-234640997%3A1663267444084964&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrjE9lll114LzVDu8MPt4kkitOYtD213qcAaeUb9i6IBUO_QPlw5ZhAOe0icrJ9wtHnANxg
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-KRXq8zNfpc3Kd50Lvtn4kw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-586914611%3A1663267444095382&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...

0
0

152ms
87ms

Image
text/html

2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-586914611%3A1663267444095382&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpDIHJiDoJe_iWkhOB_1bz1JPIz6Ax6dCWpWrfHQlp3px6eF6Aam7DTwAHftFls8MhksPLl
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Server: 2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 393
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Thu, 15 Sep 2022 18:44:04 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-586914611%3A1663267444095382&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpDIHJiDoJe_iWkhOB_1bz1JPIz6Ax6dCWpWrfHQlp3px6eF6Aam7DTwAHftFls8MhksPLl
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-PFktYazdJig0OrPUMNkLDw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 205ms
114ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1172fac67c534956c7117dd6fa77f8b1a7992c0fc6bbc040b8869b5fc535a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124742
x-xss-protection: 0
server: cafe
etag: 13237270133390197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H3 200 fa-solid-900.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/ 78 KB
79 KB 565ms
564ms Font
font/woff2 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Origin: https://bowfile.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: "5f8bebc0-13914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ngFN6%2FlDZXbifRdFiEV4%2BY34gz%2FEIFT6i%2BSXtVVowi5uNJ8IxIxYCAgWngYHwtNhg4LrBlwPDbcDH39lJjiGg3XFE%2BnYqIXe4vTUfJQ08NVp%2Fqmtkyb3JcD6si5vIQ%2BSkksyELo0vn3Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b382f38cfeba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148

GET
H3 200 stack-interface.woff2
bowfile.com/themes/spirit/assets/frontend/fonts/ 4 KB
5 KB 593ms
593ms Font
font/woff2 2606:4700:3033::6815:254f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bowfile.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by: Host: bowfile.com
URL: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:254f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Origin: https://bowfile.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:03 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
etag: "5f8bebc0-10c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=592FchFKtuT9QbUtCFDchDP7%2FQeOi%2BbcfnrS5lhcsNnQYgzOW3LNBS9sP%2BPdR4SIVohz3G5SnSsOmaLD9l7FuWm47UfZMp%2FQD3Ap%2F4%2BvhWtQ4ZRmr73p1Gt9eLAI4HMlFCOz8kI89lD2lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b382f3bd5fba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4292

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v34/ 17 KB
18 KB 500ms
303ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bowfile.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:14:31 GMT
x-content-type-options: nosniff
age: 257372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17820
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:14:31 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 454ms
174ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bowfile.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 DVIFE39df1lUbUEKWkJoXxEHDy4CVUlVGUoLXAszBFxJVWoIXA8MNUYcXlc5B0sDCj9KCypWaloXXElvXgBZSWtdDElVahxYCgYoBhxeIW9cDkJUbElMUVY Show response
dyrfxuvraq0fk.cloudfront.net/CZ1pvOWwENQFfUxMzCwRVUm5XDF1BMBxWAhdnHnUnIAkXQB0OfBtDCFpqSVUNCT1SHwkJOVIISgY+DQRYQS4fVgdaNh5OAwUuCkMOEHwaWFEKNRVQAAs7SgsqUnRfHF5XchhQAgM1GEpJVWoBTUlVal4JQld/XHtJVWoYUAJ... Frame E627 661 B
751 B 217ms
216ms Script
text/plain 2600:9000:206e:1800:7:f62:ac00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyrfxuvraq0fk.cloudfront.net/CZ1pvOWwENQFfUxMzCwRVUm5XDF1BMBxWAhdnHnUnIAkXQB0OfBtDCFpqSVUNCT1SHwkJOVIISgY+DQRYQS4fVgdaNh5OAwUuCkMOEHwaWFEKNRVQAAs7SgsqUnRfHF5XchhQAgM1GEpJVWoBTUlVal4JQld/XHtJVWoYUAJRbkoKLkJoX0FaU3NKC1wGKh-9VCRA/DVIFE39df1lUbUEKWkJoXxEHDy4CVUlVGUoLXAszBFxJVWoIXA8MNUYcXlc5B0sDCj9KCypWaloXXElvXgBZSWtdDElVahxYCgYoBhxeIW9cDkJUbElMUVY
Requested by: Host: easeavaila.buzz
URL: https://easeavaila.buzz/NFM1TXBVMVYgT1VuV2sFRj8IaEJydgcLFE0hUzUFQiFUPEBSOBsuHFsmUSsCWz1BYx5RJxB/NncJBD0GewRCCD5lFVMYCHkpdjoiYgZYeChwFQQPPXYrYgwYUD19IyVaGnQmKGURBQIWdidxDjZEImYbJXoQYXwjfCReBz9iGnweF212Bw80ZQFsHCMANWMqFFUdXXg/dSRgODNfHnoIOEMyYgs1fx1nGyF1EkZ6I1MgRBgeZjV9C0VsMF0lIXU0eHw3cSN/GydbEWEYHGIyWXk6ZT9RaEJyC305OmIEWhQldRlnLxtbGHkmOlsLBQsRYWB7BjMFJHIGGBlqYw4idXYHCzRiGnMIQw03U3wcYTFgCDtjOH8iKEwWfQkJABBjGBxiFGAiPGwSRjcycit/GydbGm0MSHkdYBQTbD9WeDIEIHEOGg0YdjQAYzJZIihsFlk7KFMRbx4nQDdxCBxiMl01KXc0bCIyXCtQBCcNMHEmOmExcCE9YQVsaxpHPFs9TUUffgojTCpEJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:1800:7:f62:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53ff0f3ac0a96bd4a1255f434c7a60ac815dfa519eddb6babdb9efbda479dc05

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://easeavaila.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 473
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58fe.cloudfront.net (CloudFront)
x-amz-cf-id: zhiPUC4LsR1hZH8PF-VtFuH5d05QhNZ1NIzyZRgznNrq0uRZGj5zEw==

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 180ms
175ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1455201204252520
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bowfile.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 135ms
44ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bowfile.com&callback=_gfp_s_&client=ca-pub-1455201204252520

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f50ff2521d6d7296eb6431cc3dc9206da2dc56e1b54ee9334a94e746631e5a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 496ms
131ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 436ms
139ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F26 93 KB
32 KB 443ms
330ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267443747&bpp=4&bdt=986&idt=334&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&correlator=7398430033619&frm=20&pv=2&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OWwkwIB7Io&p=https%3A//bowfile.com&dtd=351

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89bce7cbf05735c386e37c1e961b80d2672f7f61025b71d5b943dafcaaf0abc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32322
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:04 GMT
expires: Thu, 15 Sep 2022 18:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 488B 159 KB
43 KB 658ms
555ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&adk=1812271804&adf=3025194257&lmt=1663267444&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbowfile.com%2Fdk7B&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267443970&bpp=2&bdt=1209&idt=133&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=138

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0842b50522feedc8e7e44c71bb1efbf37409f05e59a68f408b027d1d2a3c7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44473
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:04 GMT
expires: Thu, 15 Sep 2022 18:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 popunder.gif
hrmationeng.xyz/ 35 B
553 B 56ms
30ms Image
image/gif 104.21.24.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrmationeng.xyz/popunder.gif
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 15 Sep 2022 18:44:04 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 16:04:25 GMT
server: cloudflare
age: 9579
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msYcPIp0P%2BY1LbK7qpoLGz%2Bx9vGtTeJFYdDoecZfiWl%2FSdY0yelvlQn4Lilp3P20X%2B9ex7xPRWZTBadzyK6A2Xgbb%2BnK3%2BWJW3JvGwwYLBEE71Pwk9ZMgTQaHBlNkGww0DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b382f64bae3757-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 487ms
134ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fdk7B&j=https%3A%2F%2Fwww.google.it%2F
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4c5f4e3f4a39d2b288e2137f1fb48e29c2fe7c64d44380bc7889cb593e043bfe

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 18:44:04 GMT
X-T: 0.874
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Thu, 15 Sep 2022 18:44:03 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
183 B 216ms
149ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=4priswyaav&t=CCleaner%20Professional%206.03.10002%20(x64)%20Multilingual.rar%20-%20BowFile&c=c&x=https%3A%2F%2Fbowfile.com%2Fdk7B&y=https%3A%2F%2Fwww.google.it%2F&a=0&d=1.61&v=27&r=1201
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c33e7e0be20fd33a99423949b2a443f11a8ee58527e3b9c7f8da66695bfe843f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b382f6cbc7ba83-MXP
content-type: text/javascript;charset=UTF-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 150ms
76ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G45GX6EFX2&gtm=2oe9e0&_p=204391245&cid=1337148721.1663267444&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663267444&sct=1&seg=0&dl=https%3A%2F%2Fbowfile.com%2Fdk7B&dr=https%3A%2F%2Fwww.google.it%2F&dt=CCleaner%20Professional%206.03.10002%20(x64)%20Multilingual.rar%20-%20BowFile&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bowfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 141ms
63ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
age: 186359
etag: W/"62d96946-4599"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 74b382f83f0be8ff-MXP
expires: Sun, 18 Sep 2022 18:44:04 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame 4F26 10 KB
5 KB 139ms
43ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267443747&bpp=4&bdt=986&idt=334&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&correlator=7398430033619&frm=20&pv=2&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OWwkwIB7Io&p=https%3A//bowfile.com&dtd=351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H2 200 2e4af17640cb32bc996b7903b1b5a7cb.js Show response
www.gstatic.com/mysidia/ Frame 4F26 19 KB
8 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 01:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 01:34:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4F26 8 KB
893 B 402ms
142ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 17:03:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:44:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:44:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 4F26 2 KB
982 B 61ms
60ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:42:59 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 4F26 6 KB
2 KB 145ms
52ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:55:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 4F26 23 KB
10 KB 171ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:35:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 4F26 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:16:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 4F26 17 KB
7 KB 179ms
64ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:03:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F26 141 KB
44 KB 403ms
154ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:44:04 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 4F26 33 KB
13 KB 187ms
66ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 464ms
147ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.it%2F&t=CCleaner%20Professional%206.03.10002%20(x64)%20Multilingual.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 414ms
135ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=746prp5fn5&_pv=1&_ls=0&_u1=1&_u3=1&_cc=it&_pl=d&_cbid=2itw&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fdk7B&j=https%3A%2F%2Fwww.google.it%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 08c9ef79679cdf00006c795018aa4b98991ec8d43d211b7efeebd3afc8137023

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 18:44:05 GMT
X-T: 0.261
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 15 Sep 2022 18:44:04 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7093587796877322152/ Frame 4F26 24 KB
24 KB 91ms
91ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7093587796877322152/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

090f261a7025bbbc080aa08d85086abda9b6c9fa4dea8e3302fc12de8e8db05c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:23:43 GMT
x-content-type-options: nosniff
age: 177621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24639
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 09:29:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 17:23:43 GMT

GET
DATA 200
OK truncated
/ Frame 4F26 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4F26 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F26 0
0 103ms
103ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1vszdHIjY4bFD9Cgtwf-rby4A63fma5sl8GOtfIQsJAfEAEgkIGTI2D9gpGE6BGgAc2Fk_MCyAEJqAMByAPLBKoE2gFP0AbbTkM9SyrDaFqkU-QZN5fh_7kuYSZUmBtBwUM3a7bczPkJp12cLtRrx_UvQ3RlMNbt4PUYBtbKfCKFPgxpNzc8DyvpOAEDRrCBauIsmtrqlgOAgoV1vMcq8tG5HE3QZK8Ibp21V0ncS94KuS8-mJ1GaQWT5qg0jECFkwwP8iIDziXfgTn9aVaXRe-hKSLNbzjDn2ECH0Jz33M7T1RoBj5v73u0syRhte5MSy0TKgJ7iUJf484KfruupjEKBNO5ILZTmF8YgZ32RsrJGHurcro5PLWrATlbx8AEmvjsoYUEkgUECAQYAZIFBAgFGASgBi6AB4OisIQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_7IB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMTQ1NTIwMTIwNDI1MjUyMBgA&sigh=nF9TNoM7Zgg&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&slotname=9079323917&adk=3160410531&adf=1820968292&pi=t.ma~as.9079323917&w=1110&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&format=1110x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267443747&bpp=4&bdt=986&idt=334&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&correlator=7398430033619&frm=20&pv=2&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OWwkwIB7Io&p=https%3A//bowfile.com&dtd=351
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 15 Sep 2022 18:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Sep 2022 18:44:04 GMT

GET
DATA 200
OK truncated
/ Frame 4F26 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60b83e768b7d5cccd15614f01f3d21b39b896f0bcb1aa72d8b36d16c84e48629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

925324d71c38967923bbc129023d84d9d73d9cdb72ba81d44a9161bbf36bff6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54578
x-xss-protection: 0
server: cafe
etag: 17042410827064449117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 18:44:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 397ms
140ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 398ms
140ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bowfile.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9481 99 KB
33 KB 427ms
426ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fefcf6cbce70da04096741c3586370d492bdcefa1ccd096a9f1ae18d184110be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF81 430 B
224 B 417ms
416ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3197078125~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1200x90&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0%2C1140x280&nras=3&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OVQeH8cqcA&p=https%3A//bowfile.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c71a5bfa67f4c02e196df21f95f3f41341e1d52c919d822d6a149ec7e177135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 204
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EAE 430 B
225 B 398ms
398ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=90&adk=1753261642&adf=462635073&pi=t.aa~a.3407205583~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x90&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=1&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0%2C1140x280%2C1200x90&nras=4&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1JFobmmQj6&p=https%3A//bowfile.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c725a4af7121009f15d83ebbdb30eaf0589e81b7e74bf3aadb88af0552d9e631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F26 0
20 B 100ms
99ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
260 B 512ms
133ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!4priswyaav&dn=TC&cc=1&r=https%3A%2F%2Fwww.google.it%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Fri, 16 Sep 2022 18:44:05 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 161ms
161ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1455201204252520&plah=bowfile.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bowfile.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/ Frame 3714 10 KB
4 KB 61ms
61ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 46260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 05:53:05 GMT
etag: 8616628553774171045
expires: Thu, 29 Sep 2022 05:53:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 3714 4 KB
636 B 144ms
143ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 17:01:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:44:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:44:05 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3714 205 B
229 B 67ms
67ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 16:34:26 GMT
x-content-type-options: nosniff
age: 7779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Sep 2023 16:34:26 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3714 604 B
628 B 68ms
67ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:08:38 GMT
x-content-type-options: nosniff
age: 2127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Sep 2023 18:08:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame 3714 19 KB
8 KB 174ms
46ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
server: cafe
etag: 4999025364649203088
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:36:10 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 136ms
136ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.it%2F&t=CCleaner%20Professional%206.03.10002%20(x64)%20Multilingual.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4F26 28 KB
28 KB 166ms
69ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 122361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:44:44 GMT

GET
H3 200 FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js Show response
pagead2.googlesyndication.com/bg/ Frame AFB4 36 KB
16 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17344d684fd08583d9fb6eea8b1d47a5202d3aa911f38a0e1c1ba8550793dc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16134
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 20:38:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 38DD 8 KB
893 B 148ms
147ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 17:27:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:44:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:44:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 38DD 2 KB
902 B 47ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:42:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 38DD 23 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:23:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 38DD 3 KB
1 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:16:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 38DD 17 KB
7 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 17:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 17:45:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38DD 141 KB
44 KB 518ms
244ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:44:05 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 38DD 33 KB
13 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 134ms
134ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.it%2F&t=CCleaner%20Professional%206.03.10002%20(x64)%20Multilingual.rar%20-%20BowFile
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F26 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKDRAQIQAAAACA299AMAQKDRARIQAAAACAFdRAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAgGZm5JBAMAQKDRAUIQAAAABA7-ZAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAgJmZBZFAMAQKDRAyIQAAAAAwM9M_MAQKDRAzIQAAAAAwM9M_MAQKDRA0IQAAAAAwM9M_MAQKDRA1IQAAAAAwM9M_MAQKDRA2IQAAAAAwM9M_MAQKDRA3IQAAAAAwM9M_MAQKDRA4IQAAAGhmhlxAMAQKDRA5IQAAAMzMxHtAMAQKDRA6IQAAAMzMVH1AMAQKDRA7IQAAAAAA2JBAMAQKDRA8IQAAAAAA2JBAMAQKDRA9IQAAgGZm5JBAMAQKDRA-IQAAgJmZ55BAMAQKDRA_IQAAgJmZ55BAMAQKDRBAIQAAgJmZE5FAMAQSGkNJYlB1WW02bF9vQ0ZWRFE3UW9kX2hZUE53Igl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C70 143 B
166 B 74ms
74ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 1959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:11:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9481 8 KB
893 B 143ms
143ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 16:55:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:44:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:44:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 9481 2 KB
902 B 73ms
72ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:42:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 9481 23 KB
9 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:23:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 9481 3 KB
1 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:16:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9481 141 KB
44 KB 332ms
158ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:44:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 9481 17 KB
7 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 17:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 17:45:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9481 0
0 113ms
41ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlBzYrLlb8z8_UZTND0x0voyCkNHabNm2Hteqp_FbfeGdAKQMXSs7ZJd2mDnPvglin-WkrDAuAkAF1C-0eV6Cgm2kj6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 9481 33 KB
13 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9481 0
0 121ms
121ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7bcwdHIjY6OPOeiVjvQPo6-pgAuTvfy2ZcD-tN-lDpCDhZ4LEAEgkIGTI2D9gpGE6BGgAe264oQDyAEJqQKwi0qUnMewPqgDAcgDywSqBPUBT9CDDPp_59U7mlYCZLywEeLYsbgUPHFcW94Du7XpSfhqBajUsc78PiWzIzjPHMtub8BzWVxBEbE5rTnYHWkliG5-76qsvv9BDh68hELsswA-AB1z9we3xxV_Nfl7qq-02StjNELTfdXdd4db8n9mJt88VaGKGG25WTKR4t1Sv_H8-B5tj8GmJy46EluXuvu2mmqDemmXKth6h5lx0se_rAQ0I79BtdMd_Wq2cuGrOCJcdRniHuQTGMahKL0ZS2X_RMRbt343KS9mXCxdDaT796VlsW_R6GmNfS6MZwbS5VjMJ6wQ7tD8L-DP4iKXrurkh7aj6xLABIj6z_LiA5IFBAgEGAGSBQQIBRgEoAYugAf7xJ17qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsdcB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwqIFAfQFQGAFwGyFxwKGggAEhRwdWItMTQ1NTIwMTIwNDI1MjUyMBgA&sigh=wr9M1oxTSvY&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 15 Sep 2022 18:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7795178419973014492/ Frame 9481 35 KB
35 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7795178419973014492/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8836bcf0804830c29577b6931de7ca8421f2722659080dd19eb174f4e12422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:03:39 GMT
x-content-type-options: nosniff
age: 286826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35608
x-xss-protection: 0
last-modified: Tue, 11 May 2021 06:25:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 11:03:39 GMT

GET
DATA 200
OK truncated
/ Frame 9481 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9481 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 134ms
134ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.it%2F
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 19B8 1 KB
749 B 76ms
75ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 11541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Fri, 16 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

91ms
91ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:05 GMT
expires: Thu, 15 Sep 2022 18:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 19B8 35 B
463 B 126ms
38ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELl4Yk3abxRnEX6djQGlMbQ&google_cver=1&google_push=AZmPxg95dCQju_mcDeGLftLSIqkqotCn2E7tKDsXnSqI5deBjhguhzkyEjxbCxGxH1MOCVGbGMp97yN7wFhFheEBdi0VKB-GorHw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 19B8 43 B
351 B 152ms
42ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMMNWCUL17-zW-gkkY9I7FU&google_cver=1&google_push=AZmPxg90JqtS2uJwnPQw6Vlt2nZz6yaYYAVl53OwQOdUZzbF2njUIR3ANn6J6xlqaAlGyM7ZmwaynXM8Pf5A7x03i6uMbj2Jgw4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: to8jh3t8sn7i5g54bqdqjupbui9uteat

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 19B8 0
166 B 150ms
38ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELobo1grBEBMs41amNbapWA&google_cver=1&google_push=AZmPxg85fraIRFMYg_mXLwA2g5L8A5My9J13E-05Kh6dOjx8f-GtmZyH5pGJ_3AZKqeQQMRP5wigtjqXvRB8fMm8QvVgHhH9EKlJ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECobkod-b5kGV7ODW1V1D38&google_cver=1&google_push=AZmPxg9DWXO2F7EqrVa1cr3JTjI_euCSgP96gExFJOJkct5xOtnLAXTRVmGKMu4lw05A2Cc6eOy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzRUhRUjMtMjAtVE5a&google_push=AZmPxg9DWXO2F7EqrVa1cr3JTjI_euCSgP96gExFJOJkct5xOtnLAXTRVmGKMu4lw05A2Cc6eOyO_i_gZiUMZGYOP-Kd96sBaQzP

170 B
188 B

124ms
53ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzRUhRUjMtMjAtVE5a&google_push=AZmPxg9DWXO2F7EqrVa1cr3JTjI_euCSgP96gExFJOJkct5xOtnLAXTRVmGKMu4lw05A2Cc6eOyO_i_gZiUMZGYOP-Kd96sBaQzP

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzRUhRUjMtMjAtVE5a&google_push=AZmPxg9DWXO2F7EqrVa1cr3JTjI_euCSgP96gExFJOJkct5xOtnLAXTRVmGKMu4lw05A2Cc6eOyO_i_gZiUMZGYOP-Kd96sBaQzP
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19B8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_hm=YyNydc2KqXeSic86NP4uyQAAEVcAAAAB&google_nid=index&google_push=AZmPxg_0snEY3zNWoJPa3SfQ9TcUa32IIj3ym...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_hm=YyNydc2KqXeSic86NP4uyQAAEVcAAAAB&google_nid=index&google_push=AZmPxg_0snEY3zNWoJPa3SfQ9TcUa32IIj3ymrcNIwN6rYtdw4U68b0QUgRWbWtxebYq1UV52e93DYRgo6xrtioQaTB5OKBWqssF

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLw8qVEbRMErzMOnpo1RtLLF2k%2BWSEQNDSa7wl5OgmlE%2BreF7%2Fb2TshKyhqOPfqSWAKrIJfccZ5L8YsoWbZrN28t%2BOT3bMsb2UUzIrCtLhPBUU1qb5DoreuuniaB0o%2B7zHpt9qnL46IJBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIt7bJTW2MsEqRm0K3rEHl4&google_hm=YyNydc2KqXeSic86NP4uyQAAEVcAAAAB&google_nid=index&google_push=AZmPxg_0snEY3zNWoJPa3SfQ9TcUa32IIj3ymrcNIwN6rYtdw4U68b0QUgRWbWtxebYq1UV52e93DYRgo6xrtioQaTB5OKBWqssF
cache-control: no-cache
cf-ray: 74b382ff79c0bab5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 19B8 43 B
297 B 490ms
93ms Image
image/gif 2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIX2j_IKg9GFYD8TkB0JLEc&google_cver=1&google_push=AZmPxg9fshgowsCWV2h4H5mylxd84ScU6APVc1itRSg5iZozPKh0_N8X8q09U9pk5tWSTVAxO4zYWpiPvcBH_90ghbPY245ZfsQ2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1455201204252520&output=html&h=280&adk=934287464&adf=2938718582&pi=t.aa~a.2292973944~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1663267444&rafmt=1&to=qs&pwprc=9314066175&format=1140x280&url=https%3A%2F%2Fbowfile.com%2Fdk7B&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663267444824&bpp=1&bdt=2063&idt=-M&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D37d3ae4cff6f76f2-22065c1523ce0050%3AT%3D1663267444%3ART%3D1663267444%3AS%3DALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA&prev_fmts=1110x280%2C0x0&nras=2&correlator=7398430033619&frm=20&pv=1&ga_vid=1337148721.1663267444&ga_sid=1663267444&ga_hid=204391245&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069509%2C42531705%2C31067826&oid=2&psts=APxP-9B8lCX11g7HFtW474_Ddi_Q-GIKhXOeSViwxRM8UOluXuHsfQLvhu63WFfowN719HnCa_64CfSWqdoLkne5qw&pvsid=379105551355705&tmod=965411399&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BWcNWAiWjc&p=https%3A//bowfile.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 19B8 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 19B8 0
223 B 119ms
40ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHqyw6gNAX-Mb8IWkDlEG-DwldtRJgCX6NC3bGOmAA0GFX6Ta4lDs-RPw8Ij-fURuzBGzxaA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 134ms
134ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 134ms
134ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 134ms
134ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4priswyaav&lm=0&ts=1663267444621&dn=TC&iso=0
Requested by: Host: bowfile.com
URL: https://bowfile.com/dk7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/dk7B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
DATA 200
OK truncated
/ Frame 9481 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fad296b65f26116ebb9a168faa42bfad720c34b81c1405c3caca780337a0b8e8

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9481 28 KB
28 KB 63ms
63ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 122361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:44:44 GMT

GET
H3 200 FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js Show response
pagead2.googlesyndication.com/bg/ Frame 37DA 36 KB
16 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17344d684fd08583d9fb6eea8b1d47a5202d3aa911f38a0e1c1ba8550793dc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16134
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 20:38:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 129ms
129ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e75f7dafb41c50ff33da74455750209db4bcb5a1aea0e02d0053051b190e5a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11227
x-xss-protection: 0

GET
H3 200 FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js Show response
pagead2.googlesyndication.com/bg/ Frame C196 36 KB
16 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js

Requested by

Host: www.google.it
URL: https://www.google.it/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj1mY-AuZf6AhUvMuwKHRY2ANgQFnoECAkQAQ&url=https%3A%2F%2Fbowfile.com%2Fdk7B&usg=AOvVaw2wZ0zRg0Ogj8xJjc_ghBnO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17344d684fd08583d9fb6eea8b1d47a5202d3aa911f38a0e1c1ba8550793dc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16134
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 20:38:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:44:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4343 13 KB
5 KB 69ms
68ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 11737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 15:28:29 GMT
expires: Fri, 15 Sep 2023 15:28:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 13D9 783 B
535 B 234ms
77ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bc3dd8d33ebaeda7fe5e27a6ef0dd7c25eb9bc5d719df62714b685d57cbd3e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x9dTk6Hyt2WUUTXuhnyz4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-x9dTk6Hyt2WUUTXuhnyz4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:44:06 GMT
expires: Thu, 15 Sep 2022 18:44:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F26 42 B
64 B 171ms
171ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVLIIohd1XiXGRah0gz_QNZZqKVNLb_HlpO6eZbBZj-BMqY1dTRxsGwIsqSpeEOyKofFJEyl1Y3hLS8q_N8GNlUxk6IqcXykql7bGUEdmF-U5brzj_yp2R8ey4O4JRS005fSLmBw&sai=AMfl-YTse00u7JwLfIi_r2BM5ALDzTm-l-ioaChsHQN2aCXncuyyPcjXFlZnf72vnghbOHihknv_QoUmZEXw&sig=Cg0ArKJSzK6K1hRT1yZrEAE&id=lidar2&mcvt=1000&p=35,0,315,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3160410531&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663267444099&rpt=1090&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:44:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4343 36 KB
16 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FzRNaE_QhYPZ-27qix1HpSAtOqkR84oOHBuoVQeT3D0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17344d684fd08583d9fb6eea8b1d47a5202d3aa911f38a0e1c1ba8550793dc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16134
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 20:38:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 13D9 0
0 105ms
105ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220912&jk=379105551355705&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4343 0
10 B 61ms
60ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tt1TOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:44:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 109ms
107ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220912&jk=379105551355705&bg=!RUalRgLNAAbG3AOo5tw7ACkAdvg8WhS7jUe26_cNK1lMRiMJKJI6QItBqpacRZGi0JGOy8v1k-nrNgIAAABfUgAAAAVoAQcKALlsdCw2kbUMUrpyft63ddkSVFmt0IEZ89GFtEcpGvTBES9JEoRjUQ9E4SRqBinXDeWrDrTpRX1aai0l65XjBBGg79Tq1J0TEeHuVhm-Uz1QTveExVC5YoGNYJL8_MgWkTumKTaZgu3J917AICDIucYs6KplyIPIAHuMKKkKghO2zraGm4CM7XpC-JYhzDCDm-Rl4CFYaXdGnPji_Gvw5q6Bxrp2VToc4680lBo78VJ2_dPts_FOmPjdS5kC4MJ9sIL2HnjNCV4fgwQQc26Q3oIKNzR3ymB7Dyxfbu85ylWyg0ZnV7lZ9164Kmzq4BbMQ3xbrIpAvwcuNZC9ccxJ9aswPLvC3TN_mrPyaaoxtluVBWcnladIhneFS7IuEa7e5PWVwVpOUNVTRBthg_hjdNPcYT4ZvFA6j_0o0ic53HMjlVq6Nr0AflarVwlaUdtHV1OvwJzwIVgbQoZSn7QIcVO0gUulveFCs_Jt6dvl_yn4eC3zTkq8LjC71YoTJWxdwzOA9AvZLqc1L3ecMjXbL1ZlrcdemAbIzgvrC2rqMX7cunpQM0FtoIILD1QE4DDaQxaylpO81reuw_K2UyC9ljOJyt5MsMYx4jImMSH-ssTDTNxzkBZyBcYQWFLTT0pZh441h_khqgVC3KExxD4vcNkRRK1e_jqRhgpU0zBEvwG6yqZtFEuSjjO7XYY8S-ijlZ71Qw3Cwwdm2SiLAnOerhENCPWvTEIF37vduXvfLAEiWWT-EUkO_E3jEplkq-ces9rVO0qe0Fi8wpm0yMe95CUjzsZ_rAjWez8sbHUWPa4rnTgdq3ges9UPZzrlWPSs_MZa_1s4MczM5tGOgixiBnwRQ4JpoVCqfDViA_NmLa9gx3LMoj9Mg9dbnWpGO2gSP14xBBdeArkYM1dKhJDne417wzgJ7M5qFxeyyBlDHNGsIb_dwkAQ2qKDNGYud3N3Z5NhX5_Q0SvqwTFLbIWjopSGSbQOR-tcAd_VroIw6gaTnA0NeSBxNpHcy_DCI96jQ0SG5WhrrcXXCyJNAdsS1g0uKgBljNAqILG88yYeKpDnZe86SuZzAoU09eYFq9FkMvAdotLZChUKNtpIe7bDwre6-3t9cETKADSHUSQZva3uxpbiARCEhdd-Fsr0m5GNp1eGWDnDVBs-ihxtFnSdIyyKN8-n7rGB0g-vcdeXdGIUUfR6aRp_ZYrLU0CltG185sEGq3l-7zOFkVa1u6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bowfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGB3ysdf4SJ2fEMesddyfJk&google_cver=1&google_push=AZmPxg9TTGjC9bBjx45MHG_EafpHixEoPonbdcOkaSgaNm02iG2uo1tuifpvsRlVO-bqotkxO8xGIEOVuQr6Rj2zx_angqC3d1-s_w

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.it/	1970-01-20 15:30:54	Name: __Secure-ENID Value: 7.SE=NjdvCrPFbR8yz0bNOQZlx59FHoTsbiNLV22Bj5ChIcfPaBDzNFp2X5pN1ZzKp1VfpBuZDuQpQTk7i-uJgpauPKcZbQTop_3zRW1D9wTkCcuJOKKFSXbnFYPswbHpujGoyX2jsXl7iwDfQV-V8gFvpAIdYFwCNmEmNWW71EwhFNk
.google.it/	1970-01-20 15:37:07	Name: CONSENT Value: PENDING+193
bowfile.com/	1970-01-20 06:02:33	Name: filehosting Value: 49305e5b8265defd7e06cf4bca4868a5
pogothere.xyz/	1970-01-20 14:39:31	Name: csu Value: 513513121777331@1@1663267443
.bowfile.com/	1970-01-20 15:37:07	Name: _ga_G45GX6EFX2 Value: GS1.1.1663267444.1.0.1663267444.0.0.0
.bowfile.com/	1970-01-20 15:37:07	Name: _ga Value: GA1.1.1337148721.1663267444
.bowfile.com/	1970-01-20 15:22:43	Name: __gads Value: ID=37d3ae4cff6f76f2-22065c1523ce0050:T=1663267444:RT=1663267444:S=ALNI_MZq3Hi-x6qzMtMgSkAkVr8rM6-EgA
.google.com/	1970-01-20 10:24:38	Name: NID Value: 511=okdB5OMYd5OolG060H4F74JZZw0IZPDA91GvKIy0-IAay6K8YVDjU1ryfRH8Nliow6RwPwg1XiS5kY7TTHbej79pCU43g3YGhfgPcje832doH59heuCb2Y682CIHy_Ytoj715i7-Fkzaqv5qqqHQnDJi9oHy1tp3OiLdI8EeJys
.dtscout.com/	1970-01-20 06:01:12	Name: m Value: 1
.dtscout.com/	1970-01-20 06:01:21	Name: oa Value: 1
.dtscout.com/	1970-01-20 08:25:07	Name: df Value: 1663267444
.doubleclick.net/	1970-01-20 15:22:43	Name: IDE Value: AHWqTUlduyZXz6wrRHOZZv7O58zeMLRYB4UbEG3x038kT0rvEBq811nnbASXE6mJ-VM
.doubleclick.net/	1970-01-20 06:01:11	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 08:10:43	Name: d Value: EDIBCQGNJ4EA
.quantserve.com/	1970-01-20 15:31:21	Name: mc Value: 63237275-910e1-6dd2e-0aa3b
.casalemedia.com/	1970-01-20 14:46:43	Name: CMID Value: YyNydc2KqXeSic86NP4uyQAA
.casalemedia.com/	1970-01-20 08:10:43	Name: CMPS Value: 4439
.casalemedia.com/	1970-01-20 08:10:43	Name: CMPRO Value: 4439
.casalemedia.com/	1970-01-20 08:10:43	Name: CMTS Value: 4334
.innovid.com/	1970-01-20 08:10:43	Name: uuid Value: c39ec629-1edd-450c-83b3-838e78183242-20220915 14:44:05

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-586914611%3A1663267444095382&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpDIHJiDoJe_iWkhOB_1bz1JPIz6Ax6dCWpWrfHQlp3px6eF6Aam7DTwAHftFls8MhksPLl Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-234640997%3A1663267444084964&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrjE9lll114LzVDu8MPt4kkitOYtD213qcAaeUb9i6IBUO_QPlw5ZhAOe0icrJ9wtHnANxg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGB3ysdf4SJ2fEMesddyfJk&google_cver=1&google_push=AZmPxg9TTGjC9bBjx45MHG_EafpHixEoPonbdcOkaSgaNm02iG2uo1tuifpvsRlVO-bqotkxO8xGIEOVuQr6Rj2zx_angqC3d1-s_w Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.it
ag.innovid.com
bowfile.com
cdn.tynt.com
cm.g.doubleclick.net
cms.quantserve.com
de.tynt.com
dyrfxuvraq0fk.cloudfront.net
easeavaila.buzz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hrmationeng.xyz
ic.tynt.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pogothere.xyz
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
t.dtscout.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.facebook.com
www.google.com
www.google.it
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.19.126
104.21.24.109
142.250.181.226
142.250.185.98
158.69.139.225
172.64.151.83
188.114.96.3
198.47.127.19
2001:4860:4802:32::36
2600:9000:206e:1800:7:f62:ac00:21
2606:4700:10::6816:4bab
2606:4700:20::681a:407
2606:4700:3033::6815:254f
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2004
2a00:1450:4001:802::200d
2a00:1450:4001:806::2003
2a00:1450:4001:808::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c08::5f
2a03:2880:f107:83:face:b00c:0:25de
2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb
35.227.252.103
52.222.174.88
67.202.105.32
67.202.105.33
69.173.144.139
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522
0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57
08c9ef79679cdf00006c795018aa4b98991ec8d43d211b7efeebd3afc8137023
090f261a7025bbbc080aa08d85086abda9b6c9fa4dea8e3302fc12de8e8db05c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc3dd8d33ebaeda7fe5e27a6ef0dd7c25eb9bc5d719df62714b685d57cbd3e1
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef
17344d684fd08583d9fb6eea8b1d47a5202d3aa911f38a0e1c1ba8550793dc3d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
22b4b2572cf1822d1dae8bf4fce6845a56eedadac310ba8d0741aafcc7bfbf1d
2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
2aeb0d1ee7dfb8d7d0b50c8239795e1c1d71931e8ce2d75fef50660eb366614c
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5
3c71a5bfa67f4c02e196df21f95f3f41341e1d52c919d822d6a149ec7e177135
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46bdd3ffc0ebf8766ef371a94df6af6ca0e2e8ef39b248224ea6d565883ca738
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
4c5f4e3f4a39d2b288e2137f1fb48e29c2fe7c64d44380bc7889cb593e043bfe
4ced1f8c0b694ccb6f9749f6051db6bd26fb52bbf8a3b6249b637d3fafaa0abc
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53ff0f3ac0a96bd4a1255f434c7a60ac815dfa519eddb6babdb9efbda479dc05
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e
5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6
60b83e768b7d5cccd15614f01f3d21b39b896f0bcb1aa72d8b36d16c84e48629
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7c0e01eedd16492ba2432e1c306cc9a6b98a68ae3d56f6c50db90edc6fd5235b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87886fe5c3e3032ff9a3bb6c20b2c5ef995e5ac7b98271b90b0bd860fe476d2e
89bce7cbf05735c386e37c1e961b80d2672f7f61025b71d5b943dafcaaf0abc1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
925324d71c38967923bbc129023d84d9d73d9cdb72ba81d44a9161bbf36bff6c
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
a0842b50522feedc8e7e44c71bb1efbf37409f05e59a68f408b027d1d2a3c7b4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ab3aabebc03de33e13fbcc51a82116f8e2a6ff4212d20db2845ac143012c2583
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b1172fac67c534956c7117dd6fa77f8b1a7992c0fc6bbc040b8869b5fc535a1e
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c33e7e0be20fd33a99423949b2a443f11a8ee58527e3b9c7f8da66695bfe843f
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c5f690ea1f752b40ea9bb8a23ecbd0d04ff541bb9c64eb22820d2a43b0a5f9d1
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
c725a4af7121009f15d83ebbdb30eaf0589e81b7e74bf3aadb88af0552d9e631
cc8836bcf0804830c29577b6931de7ca8421f2722659080dd19eb174f4e12422
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da89bf5cdeaed1c080057dff7314a4803b9a076bc851efbc032a7ff9cedb94cf
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
e75f7dafb41c50ff33da74455750209db4bcb5a1aea0e02d0053051b190e5a2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50ff2521d6d7296eb6431cc3dc9206da2dc56e1b54ee9334a94e746631e5a01
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fad296b65f26116ebb9a168faa42bfad720c34b81c1405c3caca780337a0b8e8
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95
fefcf6cbce70da04096741c3586370d492bdcefa1ccd096a9f1ae18d184110be

bowfile.com Open in urlscan Pro 2606:4700:3033::6815:254f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

96 %HTTPS

59 %IPv6

27 Domains

35 Subdomains

31 IPs

8 Countries

2270 kBTransfer

4489 kBSize

20 Cookies

5 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bowfile.com Open in urlscan Pro
2606:4700:3033::6815:254f Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

96 %
HTTPS

59 %
IPv6

27
Domains

35
Subdomains

31
IPs

8
Countries

2270 kB
Transfer

4489 kB
Size

20
Cookies

138 HTTP transactions
8 data transactions