www.u-pull-it.com Open in urlscan Pro
172.67.178.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.u-pull-it.com/
Submission: On May 15 via manual (May 15th 2023, 3:05:07 pm UTC) from US — Scanned from GE

Summary HTTP 200 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 27 domains to perform 200 HTTP transactions. The main IP is 172.67.178.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.u-pull-it.com.
TLS certificate: Issued by E1 on May 6th 2023. Valid for: 3 months.

This is the only time www.u-pull-it.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	172.67.178.77 172.67.178.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
5 12	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
23	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1 1	89.207.16.75 89.207.16.75	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	104.102.55.21 104.102.55.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
36	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
8	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
5	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.248.1.169 34.248.1.169	16509 (AMAZON-02) (AMAZON-02)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	54.156.183.173 54.156.183.173	14618 (AMAZON-AES) (AMAZON-AES)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
200	18

63 172.67.178.77 (United States)

ASN13335 (CLOUDFLARENET, US)

www.u-pull-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.68 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.75 (Amsterdam, Netherlands) 1 redirects

ASN41041 (VCLK-EU-SE, US)

www.awltovhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.55.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-55-21.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.1.169 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-1-169.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.183.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-183-173.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	u-pull-it.com www.u-pull-it.com	1 MB
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	652 KB
35	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	229 KB
18	google.com 5 redirects cse.google.com — Cisco Umbrella Rank: 3046 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 459 adservice.google.com — Cisco Umbrella Rank: 83	172 KB
9	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 32 fonts.googleapis.com — Cisco Umbrella Rank: 50	7 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	73 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	367 KB
3	google.ge adservice.google.ge — Cisco Umbrella Rank: 57521	861 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 746	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 356	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 2073	1 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8713	966 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	59 KB
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3125	1 KB
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 6707	488 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 700	1001 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10383	293 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448	717 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414	644 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 792	714 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	607 B
1	yceml.net www.yceml.net — Cisco Umbrella Rank: 27631	6 KB
1	awltovhc.com 1 redirects www.awltovhc.com — Cisco Umbrella Rank: 93891	440 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	247 B
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	aura-dsp.com Failed sync-dmp.aura-dsp.com Failed
200	27

	Domain	Requested by
63	www.u-pull-it.com	www.u-pull-it.com
36	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.u-pull-it.com
18	pagead2.googlesyndication.com	www.u-pull-it.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	cm.g.doubleclick.net	googleads.g.doubleclick.net
12	www.google.com	5 redirects cse.google.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	fonts.googleapis.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.ge	pagead2.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.youtube.com	www.u-pull-it.com www.youtube.com
2	cse.google.com	www.u-pull-it.com www.google.com
1	a.rfihub.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	um.simpli.fi	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com
1	www.googleapis.com
1	www.yceml.net
1	www.awltovhc.com	1 redirects
1	www.google-analytics.com	www.u-pull-it.com
0	match.adsby.bidtheatre.com Failed	googleads.g.doubleclick.net
0	sync-dmp.aura-dsp.com Failed	googleads.g.doubleclick.net
200	35

This site contains links to these domains. Also see Links.

Domain
www.dpbolvw.net
www.kqzyfj.com
www.anrdoezrs.net
voice.google.com

Subject Issuer	Validity	Valid
u-pull-it.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.u-pull-it.com/
Frame ID: 92DFF4DC256E687CC2CCEDCE2FE84E34
Requests: 110 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 4C459484A963F6FD03FC88DC22C92296
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&adk=1812271804&adf=3025194257&lmt=1684159521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.u-pull-it.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101294&bpp=7&bdt=6111&idt=809&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5288850973736&frm=20&pv=2&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=840
Frame ID: D4ED671189D3A3E83006E28D7F1E94B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4817187887&adk=55929723&adf=2704398893&pi=t.ma~as.4817187887&w=360&fwrn=4&fwrnh=100&lmt=1684159521&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101301&bpp=2&bdt=6117&idt=840&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kskWQWetPz&p=https%3A//www.u-pull-it.com&dtd=845
Frame ID: 65FE0EFE2BCED2F325B4640A003E8560
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF6797A0979C2B8B24EA24E64D225963
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E261D8FDE023E32EB4A9C68CA993E5E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C746FBAE7A11EDE779FC203A762C8669
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 9BE8762CF8D681A3AA51630CD4F4FC0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=115&adk=164834801&adf=2276849504&pi=t.aa~a.3080175788~rp.4&w=720&lmt=1684159521&nsk=46ab0f3&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x115&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8645&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280&nras=2&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=36GoxSTu4D&p=https%3A//www.u-pull-it.com&dtd=16
Frame ID: 6C75F8144D03B86A241BA569E98B406A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=112&adk=1684796181&adf=2395104377&pi=t.aa~a.1835932303~rp.4&w=720&lmt=1684159521&nsk=aa26b9fe&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x112&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8644&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280%2C720x115&nras=3&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=mdrML4A6ED&p=https%3A//www.u-pull-it.com&dtd=19
Frame ID: 86D40F4D7F5A943FF8A649D92CAC3ED6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6ECF2A8E054F30ADB4BD5550D1BBEF0F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8307A0A8EF7D035BBF40B1845C58BF98
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 896D8251B90628A1D3DED500D10283B7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7FDF276AA57A8B588E2F14681794E302
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2708CABEE72CB9C3DA5E1911235DD89E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BC00F7BFEB0B53E0D2A3B7591B79F507
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 187138F26F1C0991398C0E59C18AC3B1
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 225461BFE8C63DD423560A18B94BC522
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E95EF4793324C3A26EBADA3D9F8CB2D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6D1408650151D60C7D5B30B795021B89
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD7199C874B002A395171D22E8523EF6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 260D415DC89FF6D273874607884DAC40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 7A56C213D1F3B645F5559D106B47493B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 9E29A1132B7E9EF8CE856395134734AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: B801163F5D1DCE23B52C6D664CA23289
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Used Auto Parts, Junkyards and Salvage Yards - U PULL ITsearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

200
Requests

93 %
HTTPS

0 %
IPv6

27
Domains

35
Subdomains

18
IPs

7
Countries

2737 kB
Transfer

7868 kB
Size

30
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dpbolvw.net/3d106y1A719PRQQSZRRYXPRTZSWYSR
Title: <img decoding="async" src="//www.awltovhc.com/hn65jy1qwuFHGGIPHHONFHJPIMOIH" alt="hn65jy1qwuFHGGIPHHONFHJPIMOIH" border="0" title="Used Auto Parts, Junkyards And Salvage Yards 16">

Search URL Search Domain Scan URL

URL: https://www.kqzyfj.com/6m101js0ys-FHGGIPHHONFHLHPLOML
Title: <img decoding="async" src="//www.awltovhc.com/85116z15u-yJLKKMTLLSRJLPLTPSQP" alt="85116z15u yJLKKMTLLSRJLPLTPSQP" border="0" title="Used Auto Parts, Junkyards And Salvage Yards 17">

Search URL Search Domain Scan URL

URL: https://www.anrdoezrs.net/1i103y1A719PRQQSZRRYXPRVQRYXRZ
Title: <img decoding="async" src="//www.awltovhc.com/2q101drvjpn8A99BIAAHG8AE9AHGAI" alt="Air filtration" border="0" title="Used Auto Parts, Junkyards And Salvage Yards 18">

Search URL Search Domain Scan URL

URL: https://voice.google.com/calls?a=nc,%2B18554971176

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://www.awltovhc.com/hn65jy1qwuFHGGIPHHONFHJPIMOIH HTTP 302
https://www.yceml.net/0421/13926821-1578601357951

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 177

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 198

https://um.simpli.fi/gp_match?google_gid=CAESEM1bDKsgMMawbzRzOvUZQb0&google_cver=1&google_push=ATf1kGPr96e0ZibU2atLBMkrhAGtq97BLkuykFIbPyv3DHWs8tMRB4AQD63QZiWyA0CDE8-N0Ee7QUwGpX0_fYPwmAga7UnOaXE90NM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3973224EB4784A72BD55F58D75006413&google_push=ATf1kGPr96e0ZibU2atLBMkrhAGtq97BLkuykFIbPyv3DHWs8tMRB4AQD63QZiWyA0CDE8-N0Ee7QUwGpX0_fYPwmAga7UnOaXE90NM

Request Chain 199

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECqGWz1Pv81557Sx7QOnbv4&google_cver=1&google_push=ATf1kGNaBRyMCxOhnWPgXcUbYbYD6p_EQIKc3VdhrX2g-f4UO1o4qxyVltl4Us5AYTTAshKIB9E4tSSXzQWctskaA0UZAHQCYjXsUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNaBRyMCxOhnWPgXcUbYbYD6p_EQIKc3VdhrX2g-f4UO1o4qxyVltl4Us5AYTTAshKIB9E4tSSXzQWctskaA0UZAHQCYjXsUQ

Request Chain 200

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDKPj4xi9gKX53MX98L3nDE&google_cver=1&google_push=ATf1kGOGVWiVohkQ9_ydZmbAELPM2wR746b_mY72EJBJGWB5MIPUUMD6f3KTQoQ29HhYKEps2P7GHZmKuYA8XoUTcsWpq5KAQBzy9S8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOGVWiVohkQ9_ydZmbAELPM2wR746b_mY72EJBJGWB5MIPUUMD6f3KTQoQ29HhYKEps2P7GHZmKuYA8XoUTcsWpq5KAQBzy9S8&google_hm=eS1uUk5rdUtWRTJwR0hyclNpTXRETTQ3bkwyVVJ4SnFONH5B

Request Chain 201

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJw9pY9HcVBtHPlNZg35CWA&c_param1=ATf1kGN8yYhpZXxpOfEWHdpXXS0PeNkAS1HxleDrqV96pjZ5Ba3zbUvRmqkWXJCMJiGt_13BxGGBo1gmtVLE0nnwcwrHZhvkZ9je1RQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8yYhpZXxpOfEWHdpXXS0PeNkAS1HxleDrqV96pjZ5Ba3zbUvRmqkWXJCMJiGt_13BxGGBo1gmtVLE0nnwcwrHZhvkZ9je1RQ

Request Chain 202

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEM_deW4OKAz_3vBJmlaDL4M&google_cver=1&google_push=ATf1kGMH6RrvrB8DqP0rlG1hM6u-ht6BTI-E0XULvesu87j31U-zs8MmnR9D7sGW4BGWAlUJ_hwI2B8NgJNNBR2IXBmoUtViGVl9J6Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=9_rl9QbiX7lzstAFetVQsVvvzrg&google_push=ATf1kGMH6RrvrB8DqP0rlG1hM6u-ht6BTI-E0XULvesu87j31U-zs8MmnR9D7sGW4BGWAlUJ_hwI2B8NgJNNBR2IXBmoUtViGVl9J6Y

Request Chain 203

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEATIfneSJpHpFpYmz-7WpdE&google_cver=1&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c-YKetpFjyXIYBsTvMYNWr6Y HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEATIfneSJpHpFpYmz-7WpdE%26google_cver%3D1%26google_push%3DATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c-YKetpFjyXIYBsTvMYNWr6Y HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A6773288195696635852&exchange=193&google_gid=CAESEATIfneSJpHpFpYmz-7WpdE&google_cver=1&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c-YKetpFjyXIYBsTvMYNWr6Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY3NzMyODgxOTU2OTY2MzU4NTI&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c-YKetpFjyXIYBsTvMYNWr6Y

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 210

https://a.tribalfusion.com/i.match?p=b6&u=CAESELg9rs-aBHizJcS57p-Q3Sc&google_cver=1&google_push=ATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELg9rs-aBHizJcS57p-Q3Sc&google_cver=1&google_push=ATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 211

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP3oOZNqXZadTRtVBf9k_k0&google_cver=1&google_push=ATf1kGNdfAMsZ-At1slUC6Xbl1bRW0Q4OJ8lxLeprY_28Ca_coAq1z3PASxnRoJ0BPbvWKlATR-_Md9JwJkn8c5kd5f30nyfi--vug HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEP3oOZNqXZadTRtVBf9k_k0&google_cver=1&google_push=ATf1kGNdfAMsZ-At1slUC6Xbl1bRW0Q4OJ8lxLeprY_28Ca_coAq1z3PASxnRoJ0BPbvWKlATR-_Md9JwJkn8c5kd5f30nyfi--vug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjcyZjI3ZTQtY2NhMS00ODgxLTliNTItMTNlZTgyY2YxYjQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=272f27e4-cca1-4881-9b52-13ee82cf1b41

Request Chain 213

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGplcFJ_wCQw-x2hsfx_Sv4&google_cver=1&google_push=ATf1kGM9kbT5_Iw-KbRGjtI4wp30JFsLlSSK3rT--plVU_KrvbFyj-aoA9OmJdv3ut21SFKl3wwFQWfNpV9lMYX_UU5QWpRJmB6xsQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGplcFJ_wCQw-x2hsfx_Sv4&google_cver=1&google_push=ATf1kGM9kbT5_Iw-KbRGjtI4wp30JFsLlSSK3rT--plVU_KrvbFyj-aoA9OmJdv3ut21SFKl3wwFQWfNpV9lMYX_UU5QWpRJmB6xsQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=k5DuDDz2R-qwbi3ZWc2f2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGM9kbT5_Iw-KbRGjtI4wp30JFsLlSSK3rT--plVU_KrvbFyj-aoA9OmJdv3ut21SFKl3wwFQWfNpV9lMYX_UU5QWpRJmB6xsQ

Request Chain 214

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_cver=1&google_push=ATf1kGMvkMM6Z-r0-3amocBSZXqXJH_zwJa7HFnjO2e-HjD-O9Ycr-o1ErKFIfQBE_mY_Z8fgMoorO92bjtg0AM0j5061wRBFks94Q HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_push=ATf1kGMvkMM6Z-r0-3amocBSZXqXJH_zwJa7HFnjO2e-HjD-O9Ycr-o1ErKFIfQBE_mY_Z8fgMoorO92bjtg0AM0j5061wRBFks94Q&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_hm=ZGJKITQIuVqcF-uPbiv8JAAACGUAAAAB&google_nid=index&google_push=ATf1kGMvkMM6Z-r0-3amocBSZXqXJH_zwJa7HFnjO2e-HjD-O9Ycr-o1ErKFIfQBE_mY_Z8fgMoorO92bjtg0AM0j5061wRBFks94Q

Request Chain 215

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGeRysaTJLWO_Lb97_fQjus&google_cver=1&google_push=ATf1kGOMWucQ9Y0a_-xebdiSVi0dJ94Tl2s-fnd4PdK9qxJoxUvDDzMQ2my0t7zkQZ_evewJe65BSSTLZoJEXQPcmShCG2-45yxq6Ho HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGOMWucQ9Y0a_-xebdiSVi0dJ94Tl2s-fnd4PdK9qxJoxUvDDzMQ2my0t7zkQZ_evewJe65BSSTLZoJEXQPcmShCG2-45yxq6Ho&google_hm=NDE4NjMwMTkwNTkyMDE3MzY5Ng==

200 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.u-pull-it.com/ 267 KB
40 KB 872ms
597ms Document
text/html 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94573510650d61803843345cbc7605c4fd77f92345c62eb7cba6c437c44986bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c7c46ad8af639da-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 15:04:55 GMT
expires: Mon, 15 May 2023 15:04:54 GMT
last-modified: Mon, 15 May 2023 14:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJivsGCRRyHCjdj9G0E1O3ySvdw0WdfEjG3so2bdVEZfpsb8vRhtEMHMI96gce7GyVVY%2FyyDnlW57s%2B1C9QHOnwunuzYGcr3WoZijXuVSZk8eTEDmpLosr1tRmWpxxsq6vKrRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 BvpFCnKzEDSH2kx2aFtjkKl65GM.js Show response
www.u-pull-it.com/cdn-cgi/apps/head/ 5 KB
2 KB 182ms
180ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0385ba4f9e7baf0cd4c8eb69afa560a0b0eb355d3e1baa4bd3cc8b2c8e45d5f7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-amz-version-id: uqB02dDzB1FZlnAORqNe.QYATYukZyQY
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7VYZ82YCE9SCV7P2
age: 3889411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: w4QjmPhdzAyqdvtTKOxFNc7VYIZozjmOeFHjUBX6Qr+GdVTgSDIvew0ovWkng/JuyzcGGK6Oebo=
last-modified: Thu, 12 Dec 2019 05:16:57 GMT
server: cloudflare
etag: W/"81d512416ea4a115efa5d17b5e6d7631"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulmF8wfArGUbTxmu5zrJVsWHl6LTBvZbyNV7QlMNvbYG%2FwFxj%2BgexofeJys%2Bv%2FIx3eWYCvlxHIYUS6uwHolxnZiE76z3JsCWFNDPvdmtGicBiNscMMraorPJsgsOSOUvMt6z%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c7c46b14fff39da-FRA

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 25 KB
26 KB 140ms
138ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bacf0700f76fa7fb17cfd78fe44859a5f02cec044ff0e2e9a530f92e08b6e6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2462796
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25716
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-6474"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBmooxFO0sxrBGBDz33C%2FHzRb5T1x4OGnkOBw3X%2FLp%2FH5rsVjNnv8XBWWrv5jbZEHdpC%2BCGfiT%2FetCwvENPGpFuBxVjp%2B0YL%2BgexS0qThZuLpGPBDCJKyLAn8775%2FI%2Bvoh8DMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b1480339da-FRA
expires: Sun, 30 Apr 2023 08:23:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 11 KB
11 KB 173ms
171ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1556480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11040
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-2b20"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHXdm5eCw6uIrSVByM8SGibAXgqcTJcBZlFN6UejCXivJi5ER0Tp%2Bk7hLIzY2Jjz6yo9rypIgvQCagkiCKqUkZdLZYFw%2FGmA3EGY4PIC6KBWPLa3KjBongjetduzRrlHAkJ%2BPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b1480539da-FRA
expires: Sun, 30 Apr 2023 08:23:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 11 KB
11 KB 221ms
219ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2462796
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11072
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-2b40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VZOTvLCACj24WQYjKUbgN75eRcWumpXljOuF4DiXAyW23ryeLirg9iesng%2FEKI652zpmSgV0NR3dNwKCDi8%2B9Z3KHXoUipK2bu4v3XyAtayrfCeCyQhiJth2F%2FssZXFnPc4Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b1480639da-FRA
expires: Sun, 30 Apr 2023 08:23:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 38 KB
39 KB 185ms
184ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1524546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39372
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-99cc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZulxaHpzzWHW5gr60lS5Q5Urww%2By706YPQWa9oAcBsEp8Wme5Z1LS9xWmjocxz6dU8iLYmAJEDH9Mdz72QkRAZ3zAAnP8U6lzEoJSNOOCQzR0ppqn8Ri%2Blu3RRwKM2hSko4PEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b1480739da-FRA
expires: Sat, 13 May 2023 04:58:31 GMT

GET
H2 200 fontawesome-webfont.woff2
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/ 75 KB
76 KB 221ms
220ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1556480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: "639bd188-12d68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Fd8OakHql99nSFj0QpxM%2BRs5z7ZmgjmpNJFrsxX9Yt06c0RuNfeJoKy6DLYjcohzIW5flVAVpvQ27IkPdwXmjGFQjaXlrwGvBQZ62uEV6ZNx%2BxY02KvuRShYomcwHSJrH3MUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b1480839da-FRA
expires: Sun, 30 Apr 2023 08:23:40 GMT

GET
H2 200 rocket-loader.min.js Show response
www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 135ms
134ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 May 2023 14:15:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645ba6ec-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ac%2FqY3LC%2BYvf44%2FofOJgW%2F7IY3fMkXVMcGmi0n1QCHVNcwCfL%2BU%2B%2BnbmGVZZPqJXyVnY4g%2Fwbyb1j%2BhAbhJ%2BE90KdcgkXES4Vs6ep7weh4lqAo1A1a6VFQpJ35tqcSVDaKt8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c7c46b1480939da-FRA
expires: Wed, 17 May 2023 15:04:55 GMT

GET
H2 200 front.used.css
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/css/ 193 KB
52 KB 224ms
223ms Stylesheet
text/css 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/css/front.used.css?ver=1683988854

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bda7cc8e45b2fdeed974f32189e2e18aa4c835c6dac03716776fa80a6f034bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143245
cf-polished: origSize=200104
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:40:54 GMT
server: cloudflare
etag: W/"645fa176-30da8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDC5P8IiYSSUwbEwpiGQR2skxuoiHp6%2BJg5nv6fCue9mxq1A%2B41Q3HIvaJvZNvIIewF7hSaUAKxEAIJhdgOsaiqKyA4eOjNIhHFOkTrs8MedzEsjlvj35hQkUTyBaVt5wp5ydg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b1480139da-FRA
expires: Mon, 12 Jun 2023 14:54:20 GMT

GET
H2 200 3039e898bcdd.google-fonts.css
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 63 KB
2 KB 181ms
180ms Stylesheet
text/css 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d649b49409131d53cd4d6600084f89ffb4da738452baeb71a694f94fa10f2213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1294252
cf-polished: origSize=74609
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: W/"641891be-12371"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHIqHRIZ7diK07SNDx00se7lcZt0sIU7Z6o9Ay%2FsTKO5YVgj89qLmHKQryfZtO8HlZARDaDmBsQG%2FWu2npUPMfL9BRoQc94nT8v1z4dAWq9RtuEORR0mNnXPkR%2FaKQ7OK6tHhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b1480239da-FRA
expires: Sat, 13 May 2023 04:58:31 GMT

GET
H2 200 jquery.mmenu.all.css
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/jquerym.menu/css/ 55 KB
8 KB 194ms
194ms Stylesheet
text/css 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/jquerym.menu/css/jquery.mmenu.all.css?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb59593277a8e26c5ab132801c5eb8cb7fb21aefac4c4d87b8fd4e8c966a3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 303708
cf-polished: origSize=56036
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-dae4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnFsJ1JGWf4fSVcp453zMud0O2i3GsByFKllnzuCXF4Tr9VbYPzkFGhL%2FgBUAC82O1VprjSPomeSxucbrEgaM2zvweLDrlLmpIBKWM4HElbpnLEfbNrUUGr31ccwxlwcWwRETw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b1784039da-FRA
expires: Tue, 30 May 2023 08:26:42 GMT

GET
H3 200 UPIlogo-e1674700296924.png
www.u-pull-it.com/wp-content/uploads/2018/12/ 2 KB
3 KB 3449ms
3449ms Image
image/png 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2018/12/UPIlogo-e1674700296924.png

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f93e1166c9cd40d33e22febd5edfde97e5f495689782ea116ee63ef7acf2091c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2493
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Jan 2023 02:31:36 GMT
server: cloudflare
etag: "63d1e608-9bd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPRCsyYhJtdGUDMJr3%2FZ%2FfKZbXWp00b68AzAoxGm5ffQSfbR22xxkuGz2ljKRZFm0v6rKvu22NseS7xVYT%2B1u%2BleAhQbu9%2BO8mSl1iCCwd0ejwWv45HgjftrZFneJfyAnBN19Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46b31fad35eb-FRA
expires: Wed, 14 Jun 2023 15:04:55 GMT

GET
H3 200 content-loader.gif
www.u-pull-it.com/wp-content/themes/listingpro/assets/images/ 18 KB
18 KB 142ms
142ms Image
image/gif 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/images/content-loader.gif

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb29b2c86fc2ed9f60bac1978d630533d808ebda3740ac9f6066910f1946776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17933
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: "639bd188-460d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VsEcEFDQmYjic2sPY5kig4Z%2B9X%2Fo7IoQc0ggHlppkxFyt%2BIdIwdQiLBsO4iYH7Hs7Suns1ufpOx4O2eCqWSkaep%2FszEPDH4v4HhUCLdPD7aPKjNJ0DcWJFz6Q1dt93VXDcaIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b31fc535eb-FRA
expires: Tue, 30 May 2023 08:26:36 GMT

GET
H3 200 favicon-96x96-1.png
www.u-pull-it.com/wp-content/uploads/2019/06/ 824 B
1 KB 3047ms
3047ms Image
image/png 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2019/06/favicon-96x96-1.png

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b6e104886e94d96d6d8e7f0971abd44265e2d37207f21e9c358cb0918335cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 824
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 05:48:19 GMT
server: cloudflare
etag: "63cf7123-338"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okuDXuaO5DMctBGrdCTJFAsr6YNLyPTGUET4WvRoRHEM8baDnoTGVUk%2F9L2VY0Y14JoHajJMqYXNcBFFxUlA2DEisnsf2TrbU%2BYjwvVYIseU4VWEDTE0CeKBOWXNCHZYHAu%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46b32fe435eb-FRA
expires: Wed, 14 Jun 2023 15:04:55 GMT

GET
H3 200 cropped-UPIlogo.png
www.u-pull-it.com/wp-content/uploads/2018/12/ 1 KB
2 KB 2917ms
2916ms Image
image/png 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2018/12/cropped-UPIlogo.png

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0fbc59729545f7f4ab261f3a132650c123c19621bf26c0805e5fb9faff792c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1041
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 04:52:56 GMT
server: cloudflare
etag: "63cf6428-411"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvG6l%2BgrGa3nT00EffeXciR14YDLYiSINj5aW2ErpEY799%2BbSjmmjFYMBto4ocxPq1hyj5jn7xQuKjVBS20HiRsDuP%2Bbp%2Fa0g06a4ONHBCf8%2FUgKp2aYIPJpTr0kk67qQg87%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46b32fe735eb-FRA
expires: Wed, 14 Jun 2023 15:04:55 GMT

GET
H3 200 aoG1Ey13nth2pvRxIIjAevmqzNM.js Show response
www.u-pull-it.com/cdn-cgi/apps/body/ 6 KB
3 KB 2863ms
2862ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/body/aoG1Ey13nth2pvRxIIjAevmqzNM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea82a0e496f9ac4fc5a0349674c20fc8733ac9651e2d06d6ece1a63d15ca735

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-amz-version-id: yV2YeiByh76RsMr0WIyQG.CdsDX3o8fC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WZSDZNF1PVP2PFXY
age: 1660154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: C1YlYwF4zsgT41TeOfEvGaQmqR3H8KRQVFtptV04/FmzVM3MHJU4465Qidyw4QC6V1BitgVbXCg=
last-modified: Thu, 12 Dec 2019 05:16:56 GMT
server: cloudflare
etag: W/"d78ae742b3db62c395093f9910ba28eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnZB8wsEGLxR4QOh9fNZqNYKhOhl2ufe0p6CupiwXNJN9uu7cCbCJda%2FfSRlJvpmIj9j7nYAIu5AmRrE5RBiAkYjYDanPkBbB1P1o0fDTa1b1KjCuNALtJpip4FsjldbEuXoLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c7c46b32fea35eb-FRA

GET
DATA 200
OK truncated
/ 877 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4528f43753dd54b3b0385ee338bd080b28a721a88d85e66e855af79b9bc19897

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaef932219036e70a117001f3c3b68baa90412d6bb334c9efb8e186ce0b5c18c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2825d766868516b6930bdee0ac4a1ccce1d533bc497511f89faa91ac6440bd

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19fabe0a716fc7192e5c36c1c710a8e40a19bbe8424895a398a4329756db156a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c40ca0434ff10ce6f9f2276d85415d3e1e63dfab027241ee501b13de17e3acb5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cae44edf97abf5f90ff44b6a43d1ee100d833f40d9a462c4617f72ab19e0c6e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8501fed6ab7ec3ac0507f5660f91fec8fb321e7e33c1c8e48817863b0c9493

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5854b334940a3c9eef3a1b7db648d333357a8c6fe4618bd57234f47676a5fb84

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1b9d621ad8eec78bb711d6b0f9730dd21ac6a6570442e9d70119ffb43d1c4a6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3973fbafd6b6340de1a8f0d37549994d7dbef94de6e49d5e43c5237a43160a5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04f0ae2b2a7c730b22a81b0cdccf7f1ec5e83114b27c1813f6adf4342caa41b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 320e2c6b77730a3e5c9ebb990c15f2f6854780aa383e45b855e3e28b03ed3831

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7159d4b1ed477d7bf406009d95c2693358f49833ea398b1567603017cb60f244

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 u-pull-it-junkyards-near-me-scaled-1.webp
www.u-pull-it.com/wp-content/uploads/2023/03/ 41 KB
41 KB 2645ms
2644ms Image
image/webp 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2023/03/u-pull-it-junkyards-near-me-scaled-1.webp

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/css/front.used.css?ver=1683988854

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03807aaaac0c9d143c1cbef4715174878728d4de7f679046d8e0dfd5622504bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/css/front.used.css?ver=1683988854
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41670
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 19:07:51 GMT
server: cloudflare
etag: "6418af07-a2c6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0yE8nQ9VlBX59RHksQDhmac784Yy7IOEWP5ncNZfBYZ%2FlOdyVxW3YQS59mBC7A9ZpL3PFF2sG%2BZM4AmKYaRhw%2F6fBjxc6RTDqrG2ztnjlkjNEBDiicQy3pQ6AZiFcmeL9z%2FYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46b3481135eb-FRA
expires: Wed, 14 Jun 2023 15:04:55 GMT

GET
H3 200 fontawesome-webfont.woff2
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/ 75 KB
76 KB 2125ms
2125ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/css/front.used.css?ver=1683988854

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/css/front.used.css?ver=1683988854
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2454544
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: "639bd188-12d68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0g4HAFREpg4pLtqMOcB28iJgrLXmmrIuyLITAYgaAbuA950ZOOq92iJ5sbZSc25SpAuyK3%2FhcG7bZmeOpnfdd6%2BvLkjMcgOk%2BIP8WenYQKww7HP%2FjFsXplkEiLSVP0Poxo6jiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b3481435eb-FRA
expires: Sun, 30 Apr 2023 08:34:51 GMT

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d096326cd90387efaca9db2096876825f6710c4e7e93d13d1323402aea86d77

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4945b65208da6182d85c4cc0ef454ec02fbfde7308014ede2cee5373eed9f8ee

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0723e36ab2b1134f1583758dd4d5de797764e1395624214a1ddfc96eb978a529

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: defa9a9c86073ae29302eb6dffc6a57882461b9c0a95cf0c7a8cf5dc2493f805

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 11 KB
11 KB 1669ms
1668ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11028
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-2b14"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az0TDAZaJnA8JzFQe3X77b1VK7%2FUbRtAcGWtW7TPbFutCo1s0C%2FTUR7s7TWBfkNZU2FrzMEqoDHewScazOsEYdqT41KoOyTHQSgz%2FP%2BuKIWpswNWSGBmexdXqiFihL83uCLOGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b3885435eb-FRA
expires: Tue, 30 May 2023 08:39:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 11 KB
11 KB 1533ms
1532ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142681
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11160
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-2b98"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCm6%2F07seeFsRUdUH8Rq8LjnJeTFcEw4rf1xb%2BXNd71fVaD7eRG%2F%2Bn7rGddimtI32%2By%2BypXyBk1RROW87zEcHZzoN65qWKFbsYoHkD4WFKJuUBVOn3e6idwg9o5XEkBm1MgHmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46b3986235eb-FRA
expires: Sun, 04 Jun 2023 09:55:06 GMT

GET
H3 200 lazyload.min.js Show response
www.u-pull-it.com/wp-content/plugins/perfmatters/js/ 9 KB
4 KB 1319ms
1317ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.1.0

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 May 2023 16:45:37 GMT
server: cloudflare
etag: W/"64528fb1-248b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReeIgRF3Vpb4dQ3F%2FNJDvKLWRDvzXLbteqdlDwJSHfxBNGP5q3jaJpKu9vkuOWFgiv%2FMB209S5KoI8kLJI25LEA4LZ9XLhBoDLF4GXIEddiyQ2pTeW8%2BUZGwIdceNsljEwvr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d89a35eb-FRA
expires: Fri, 02 Jun 2023 16:45:52 GMT

GET
H3 200 frontend.min.js Show response
www.u-pull-it.com/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 546ms
538ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1311649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 13:53:45 GMT
server: cloudflare
etag: W/"64186569-5b89"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNvK%2BZCLW608xK7w7vxLUy3jTf6cBdpikDfdKKx5EU%2FhDUgCzKRrFkKfLZBPoAmcj8S7OXVGtJGgvEPkFUYtVwX77w4arLgN7RAWzdoMie%2BS1L%2Bq3gapf58AGKP%2FhOYGRwPzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8a635eb-FRA
expires: Sat, 20 May 2023 12:17:57 GMT

GET
H3 200 bootstrap.min.js Show response
www.u-pull-it.com/wp-content/plugins/all-bootstrap-blocks/assets/js/ 77 KB
23 KB 286ms
280ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/plugins/all-bootstrap-blocks/assets/js/bootstrap.min.js?ver=1682461244

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8fab3c08dcfe1f49fe68d54a69041c66e41585d91e43f59d28ee98bcde51c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1684837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Apr 2023 22:20:44 GMT
server: cloudflare
etag: W/"6448523c-1336b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3hwq3qLX0BCgO4xETwPzz0eScJIY%2FCgUQeGEyHfOkvDrM1u9vuYMnCu%2BdN9I%2BOU9boLmt7%2BTHYH%2B5El5qRvUt%2FRBUnl6btgHEmG4%2FWoDpN%2FrGE%2BzeVtWADcKG%2FNw0o8H%2BEsWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8a735eb-FRA
expires: Thu, 25 May 2023 22:22:04 GMT

GET
H3 200 main-new.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 122 KB
23 KB 287ms
281ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/main-new.js?ver=1683989929

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

823c1ee4d1067e9cc704ffee49f5f14fb146fa520fd38aa4e53aaac5c120a244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:49 GMT
server: cloudflare
etag: W/"645fa5a9-592d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lttE2D8B3DHc%2FJSOxJHY0yRZ9cKjfEMqdee%2Fr4Jonn5JpTfz81EtS3hkccX038grvqSBd6OSW20l03JoUdvLm39norcCPvOOHq7Wummhg8ayhQbzeAdkFfIPs6Nw0vizndcPhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8a935eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 flipclock.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/countdown/ 21 KB
6 KB 157ms
150ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/countdown/flipclock.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a17d0931faf82351661f8788fa1f539eebbaafa44fd9c62c0d507d9a2adf8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2500207
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-5284"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um%2BzFqKKNFumFkvuSlIBKm8iI8LvyBPfGkY6pFczDhZQDAYgSHDMdvJVDyW3EDT%2BecYTaRCVocEOk6WhQ7tZs0lZBTBjzyJZYEhCL%2FzF9XK0gMD8RTn1e0SmqgmKSfModjQ9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8aa35eb-FRA
expires: Sun, 30 Apr 2023 08:34:51 GMT

GET
H3 200 main.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 133 KB
26 KB 930ms
923ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/main.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4595cbf1de3f332608b02017cbb73fccd2eea5702f98224fdd35763081a64463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-677f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e5ZaXwz4ns0P8%2F95P62KMxJFmXkX2jzShyyPS4lj9ujRDBqLRJDLd%2FbhKA2%2FCT%2FNCqF0BbJFh%2B%2FoDvvJVn%2Fk5DUKj3hrKHiskjyvy0KtWznSTxKFU0rfM2v%2BVYYavDU%2B%2FR1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8ac35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 lp-gps.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 1 KB
1 KB 1188ms
1181ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/lp-gps.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d8d2866ada4db0b5df9f13ac287e5b7420fe99ed2a851eeb6559677d1beabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-216"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmmzK4rtAWlF%2BPkrulGnL6PCFqBRZiDg72J8hr%2BdEDS4wC1aYfzlInC9cHizRrzXsP8O%2Bb1wC3Yv2IUDJrplBSesZRW650%2B8WjzrUfQbsTXmtsIv%2Bc1gPJsy1sK02584jL1bLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8ad35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 lp-iconcolor.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 2 KB
1 KB 3328ms
3321ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/lp-iconcolor.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b105bdc15a1d9de8bcea43d01e636f866b89182bd368e4bb792579e3ad085faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-2c4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I46LsS82B%2BrwG12Shc0b8wjSdOPD5SYK017VghPfPKU%2BlBoktHleBRS%2BXeEfVAYOoY%2F4AxkMhfPclvA%2Bubr3O7qTTNWledtQdh%2BMcf5B3pTuQtoXh%2ByaVRI7kNhOfzap7e7DcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8ae35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 bootstrap-slider.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/bootstrap/js/ 46 KB
12 KB 3200ms
3193ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap-slider.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74604b1cad2711aea8c6f41ac67fa320297c2d980dfdbba32b0fbae942f1267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
cf-polished: origSize=47023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-2a50"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP%2BFynWCnB5vqN3RMSBt%2Bm5TBQfFnsrDA1HWO6hxciJlSu23Zn9IlRPOgD4hlDaDbd25Hf5MCC0c16UZ08j0qR%2BFTdfV286W0DcDiUK%2FpyfujWhMBGpmzmmOvLCHfWj6GG5Xcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8af35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 jquery.city-autocomplete.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 5 KB
2 KB 3043ms
3036ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/jquery.city-autocomplete.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a5182078f2933ddc1b100685cad41a1d4a851b8d53f7147a30350794987a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-7c9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbtGtE238UwK64teTys847Z1hGnaGW3cu0ik4djdMHb9E4GFFNJFB%2FdmIc1pzAvzDIYt9HHIKpOGO6d9naa0TyQD3NHptJEO2a11UKHMatk8ECji64CO9gpfY4EKXmv%2BECSyDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8b135eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 slick.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/slick/ 40 KB
11 KB 3069ms
3062ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/slick/slick.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1660151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-9e0d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv7%2BL8oQVYsw757S61oI9hB4sQm%2F0Gk6yQXThuE1HBuTm%2FrigRNKl9sau8YI2hfXLkwO2Ow00HnBVtSlFLXxQy4oCp%2F5nZxAoKYnmoVv79ZTJkCcepBOOTbOwWxg9g6oHbmxWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8b235eb-FRA
expires: Sat, 13 May 2023 04:58:31 GMT

GET
H3 200 drop-pin.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 3 KB
1 KB 3170ms
3163ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/drop-pin.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7811f8f7f874b5c956be0adfc8107262b9c32ed467ce5489397b91e8565710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-3d3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeD5ZgwrFn2CwNJcvOFaqJYb4ETyZCwegBg9EQmmGtUnKF2jqzNxuEKEhGx0SybI%2Bq4mLOLcdqwgHzdF8udSwjEuf6zKhTMn1sL8nSw1qgTX1uO9TvcDyULTDMPA4uUwgAdZMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8b335eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 jquery-ui.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 311 KB
77 KB 3171ms
3164ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/jquery-ui.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b2b0c75ccda36e8210f03c2d4021100adad244fbd747113d1a0a9f0c7cf1000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
cf-polished: origSize=319756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-126f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHhBQHJ6d8%2Fy8i0B4J9UrbHGM0IwzVAoExGDjhFijuj8MoPFHsmzMbuSlXEhwb08P%2Bh%2F%2Bb2uqkeHM1ncFZTZLA54cUl5ogIZyPOAeFtTiGZyWQvwnlAFaxoZx4ldnZ9S5CQ82Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8b535eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 chosen.jquery.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/js/ 26 KB
7 KB 3844ms
3837ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/js/chosen.jquery.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f828ed4be8ad9e3b01739bdfc4640661762137c1abf4b7280f42c800432fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2364009
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-6957"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aU13nzjZYgMca35EZhgR1ataSmw4CI7sPtqz%2BovT%2FHAP4RWu4WR5sZKbC6%2BaMNCixMzTNLuJgd6RtuWqy4w7tLoLPuuFGUSDYj1GGmXtDFj5zpX%2BtdPor377NfrBCWvSsY%2FegA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8b735eb-FRA
expires: Sat, 13 May 2023 04:58:31 GMT

GET
H3 200 jquery.nicescroll.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/js/ 59 KB
17 KB 1751ms
1744ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/js/jquery.nicescroll.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c5e674c4d3d4191882e8665a62399fbb79c33a4fd2a65db34c9257ef940895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1614864
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-eaf9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UC9s%2BveSPJG0vM%2BvkYt1uphc7vNzLHp9%2BorJ1zetktENqCYE8i3KpxOy5FKSvchPVd0%2B1DFgLQrSCz3m5Zc59ISBcKdYjPOGcklLEBYf5f3PF6GRC%2FADnSmsrdMLMBS%2FE2w9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8b935eb-FRA
expires: Sun, 30 Apr 2023 08:26:16 GMT

GET
H3 200 bootstrap-datetimepicker.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/js/ 37 KB
10 KB 1468ms
1461ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/js/bootstrap-datetimepicker.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57f7835226d801419b3f0a07dffae98dbac8a0e6712eb2220b5db9a1e19608b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2450127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-944b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRaMSE8roDbd3durYrVQ2BC%2FYL4dXnxM06BwRk14rfctBOFYk9II5D5IbWhky%2FU5zEDaUS8BYzJIEL95SkUu5rbRbkSw63C6epETNTD660lCoFw28MeWdGEDY6u3LtBkSU6%2F4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8ba35eb-FRA
expires: Sat, 13 May 2023 04:58:31 GMT

GET
H3 200 moment.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 360 KB
73 KB 1186ms
1179ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/moment.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dcfd665cac2dec7b0804afa12986aee4a37865d62f35e0bea9e1227e66517fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-126aa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU6QQZoGE3XjOF2l4osMCLv4TVg2Zh5MGzijXGjnKlOUmQ62PJ1nQxCX3NtP1kN%2B0O2%2BPYY7054VIqzjHW19AWU5aOHNt1EcC3mHRWlLRrPXymZA9EIhsoIaCUvHJYN82mbFrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8bb35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 modalEffects.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/popup/js/ 633 B
798 B 4100ms
4093ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/popup/js/modalEffects.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1771eb1bbefb5dd36c617035bd571186132850d40719434f264ba4a572292405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-12e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWBcY1VXcoZ743OX8KXuMe17iOm4PDjKxAJNJMcTG51VPWaUleV5im2XQZbzWzYfeWSiUfW7w0J9HEaTpWn536Jcc3ET%2BYKSewIP0mdyIEZJvA9HgxGq3muM1XoTT5XHLAcTQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8bc35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 classie.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/popup/js/ 618 B
836 B 4100ms
4094ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/popup/js/classie.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6aba7b5e6234e85d6174ebaf76c4564a09eee57ed34bab6d3a468068120f7ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172427
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-13c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWxSgFRolfezkQ9FiYLkucFhTD%2BhvfPzp0wVIj0yT8GGaK0E1j1uI%2FnzZLKAhMT%2B35oIGaVwxpCUVRcJADfTNUXTcht3WH6pNPDNVCW5oQovr%2B9offBCV%2BTRHUjPv7hBHrDPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8bf35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 select2.full.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/js/ 70 KB
20 KB 4101ms
4094ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/js/select2.full.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2450127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-11604"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldg9CDP5Dif8Fzhdb7UJaTADhu1xsTCG7WccueiXOLR%2F7r6pSJ4SKiYfJ6Tzef7XIxOlym8nhnrLRDW7N0NaZ%2FQxogLylAOxTL3VteRDut9PUu2D%2FV9mo8HBjbcRuVZMDU2dew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8c135eb-FRA
expires: Sun, 30 Apr 2023 08:24:51 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/Magnific-Popup-master/ 26 KB
9 KB 4228ms
4221ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/Magnific-Popup-master/jquery.magnific-popup.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b247111e148fe06143eb6213909fb88cf10f7bee6781b437702f96e3cdacc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234272
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-66b2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhnVl11zjyBxzLA7g0FXhnZBnpg40nrfVTVEmzG8a%2Fe5DjOj0xkRTl%2F173aExNEMF9yrE7TStdJt7JcCdlzKz2bin5JLY4eDwxqDclKXGtCFsmFH1Dm33eRJllAFX%2Fz195v5Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8c235eb-FRA
expires: Sat, 13 May 2023 04:58:31 GMT

GET
H3 200 jquery.mmenu.min.all.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/jquerym.menu/js/ 72 KB
20 KB 4280ms
4273ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/jquerym.menu/js/jquery.mmenu.min.all.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b2e754190e5438d4adcb9125299a592efba5efeeb050ae63f3a2faec6754f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
cf-polished: origSize=74175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-4c37"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4ZbLThr8v6nduASeimV2wThnB%2BaWalO7m7sdKG4rcq1LGu0Jc8X7lrmy3I3KqGH5Pk%2BznllUijzPuyJeTPcYgvVCdNXxm62GnyypkVRbiYjHwlKmD0rbxIjFWYGaWRm3Ecjpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8c435eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 bootstrap.min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/bootstrap/js/ 36 KB
11 KB 4383ms
4376ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap.min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411287
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-90b5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPQFDeb3rWtclk3MGOB50g9rrpjMaHidkj7QvJ%2Fv05DjszPnRqZ87Zte%2F4DOPV549%2FRUuRk6s%2FXG9%2FbRXcti7sCaAyFeITLurGDgzwYxo0OfshyL%2Be5rmIYAkVrpvOl9wD%2FTQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8c835eb-FRA
expires: Tue, 30 May 2023 08:26:38 GMT

GET
H3 200 chosen.jquery.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/chosen/ 27 KB
7 KB 4416ms
4409ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/lib/chosen/chosen.jquery.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7f75ec940ee870089f8d042e01c6617812f70e6b7ebf4b483428cdc914826a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158986
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-191e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqBYGqE3dDkQmmyQ6gNuyKFPfa1MHFHVJUfjqERzql23k2GJFX85nn989ZlH0%2BsYlpq7yTBtVWUlWV%2BFsi%2F0NQe0sD9Q%2FXy7M2Aq7VxQZkCctfNKC%2F5BAHWzg7B6OAnHZ5DAMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8cb35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 mapbox.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 193 KB
56 KB 4419ms
4412ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/mapbox.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b47daca06c93fa12087b179ea77c156f4eb141ed5bb8edd6e381f95955d3fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-d549"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvOOVRkLXDQW%2FMOshwzuFQ9D02zG%2FVxtOVXqMt2LEvjCzH72%2BJD%2BNMOME3zo6S%2BHEUK7AWUjBdWJX2EhAzAM4%2BVCINhwnivk7zeG%2BF7%2BFyNTEeqDR18isBtPD%2Fyd40PsJszLIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8cc35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 ultp.min.js Show response
www.u-pull-it.com/wp-content/plugins/ultimate-post/assets/js/ 64 KB
16 KB 4769ms
4762ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/plugins/ultimate-post/assets/js/ultp.min.js?ver=2.9.3

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce77df5077965bde813f47c3d590c677b19d87ed92fc4eaee154ffb736868139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 12 May 2023 22:45:05 GMT
server: cloudflare
etag: W/"645ec171-ff5c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyTUrxkV1cB%2BD6SijMAQgDIC4K%2FCpdvatkom9WDIjgeeOF6bELRRXN2A98l1CcYb2uDu2Qm2WbHGBIjTY7qBCAaDjULhhSQ%2Fp3qFBRy1c%2F7ckHuzHJiaV1iKTuCYiVB0zbUiYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8ce35eb-FRA
expires: Sun, 11 Jun 2023 22:47:08 GMT

GET
H3 200 auto-places.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/ 3 KB
2 KB 4806ms
4799ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/auto-places.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

650a3b4cae5ab950ce1154b28b028ac17a6db00f737953b89fa5b83853fcfddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-448"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50BXTh2peIv%2Fp%2FMpb3lpxq9nKL9I4ANk3C%2BTICNWeYmJlCDIFyXPh0EZ5Ackz8%2BjYLUwoPS1fFXi1qW9wzEwfzJBFEd8Q%2FlPmxBCLh7BT0cMub1677Raeg%2F6jxg%2ByqgEwAEdfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8cf35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 frontend.min.js Show response
www.u-pull-it.com/wp-content/plugins/link-whisper-premium/js/ 5 KB
2 KB 4806ms
4800ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1683667018

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221470
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 09 May 2023 21:16:58 GMT
server: cloudflare
etag: W/"645ab84a-128e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpjxji8G8TUblD%2B1DGHs4vSqdUit1exRaSEVjgPNJU87Zgsy6noc8zOoSeaxUxojst7N%2F1uTJtqLyA9cQTsYfeqxsfibOVsoT8DO5L43LYM4PEZc2cktduo%2Fh3x9n9hEqaHkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8d035eb-FRA
expires: Thu, 08 Jun 2023 21:18:21 GMT

GET
H3 200 submit-listing.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/ 17 KB
4 KB 4830ms
4824ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/submit-listing.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da220e768d9b100cebab14d87b6460a0dda5e3f67b0e54ab07d5a368ae8b4bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-c7c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7OCqrYWaqMaYUZn9qCpRQ26W1B5QsmWmxI4uPXF6BlipJsAvF09T2DJfYgXOk5KRyRCbJdMgDBrIDuIGNexBMDNS6sQfaDSIcclXlJQuZa6XEGViF%2BLApybre2BfRZvYVRNIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8d135eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 451ms
180ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

6879326c933451812ba91f3b4a2761c5e8dbc9713359ec2f3f11929e6eff45a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48466
x-xss-protection: 0
server: cafe
etag: 13757543227448511694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 15:04:55 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 439ms
155ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

gws /

Resource Hash

083c8bfcda6e3e03f99797b5ec45c24b9b020d30f2a62b5bf2adcf4d8090c9a2

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-IGyYIuEIyI1tTxNEHDerPA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-IGyYIuEIyI1tTxNEHDerPA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Mon, 15 May 2023 15:04:55 GMT
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3049
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

GET
H3 200 gtagv4.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/uploads/perfmatters/ 244 KB
83 KB 4830ms
4824ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/uploads/perfmatters/gtagv4.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0032b438ad5bb4fd31c79633d42114cde9ae458de99526b9fb8fefa58ed685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-145bb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALBoSsL5YLvwcmsKanWe%2BlD8BeiyENw8mQzJck7EAeC0ikCTrTkrL%2FEbKPvgTYmuvGb2KFRApDIVPLLHgM6nTDwxL2CX4k9Eg%2FNDmP%2Bb1wJqAe%2BmBQso86WwaLJ8kZo1SjxlSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8d335eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 child-term.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/ 14 KB
3 KB 5216ms
5210ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/child-term.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf8f95cf06f91c4f38712889d3346811c8bb47ee1fccd444ac6e175ed724f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-8b0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qX%2BCcO46CHr4eol%2Fwa4uPJtqKFTunb8JDxJ9vdBN8VHhqdKr4ZFe4NOs4ZWnLgSBhpdauGArdVtb4TpAS9u2J4MVw%2Bhn5vW4HnR8uDS0%2BeV%2BfcUvTiMEQiFGTQljRwIeBsrLsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8d435eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 morris.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 50 KB
14 KB 5216ms
5210ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/morris.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2033ab5933830716738396254615ea30eeed0988cdf8914047d57056debdc28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172434
cf-polished: origSize=51002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-316e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPxk0xcIHXRkJQeTTrYvludw%2FhVZFb01Kwgo0Fi%2FwSTrCIx5Vz%2FztI2mpLeVIPRo0B5%2BeZMRVSIHVcKvUJbAkm0yJkjH%2F77XE4%2BL%2BtydwmChZCaee7rJRfHNx9gWwKf1GPzUQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8d635eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 raphael-min.js Show response
www.u-pull-it.com/wp-content/themes/listingpro/assets/js/ 89 KB
32 KB 5308ms
5301ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/themes/listingpro/assets/js/raphael-min.js?ver=6.2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa8365187616ef2c4f580e55ce1b441c2963f87268d66b290c3751bd8549774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2481598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 02:01:44 GMT
server: cloudflare
etag: W/"639bd188-164fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYp%2FOC6g4ICpKOq%2BSSnfy5pxPMOaxn17%2F67el5rBjhos2K%2F%2FOu1J%2FM379Hzy%2BDcWs2wubRFTbhc7xsZQi8fwYxDocrUgr9zrh4ooPaDqhOnJ3I69NB68rzdsm29dMMkRLN%2FJvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8d735eb-FRA
expires: Sun, 30 Apr 2023 08:24:16 GMT

GET
H3 200 main.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/ 6 KB
2 KB 5436ms
5430ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/plugins/listingpro-plugin/assets/js/main.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

873ca7b63d6766c0c2aec95d88a3281162120688519f4a6e4034bd68dc7e17c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-60f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvMZJQ7xf%2FZNk97cqWuXcx5DHHQ%2FPUBFPCmA6HVIcThKFfxvgtBYA1iEW%2BqzVphQWQGTJhLJdpN7nypBeUzqHqAqtySl5WyMxJ1MuH4ZmB9VdPBWJcpTsUco63FZVaia3%2BgKTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8da35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 needlogin-ajax.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 4 KB
1 KB 5437ms
5430ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/needlogin-ajax.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f413d6047013023732d26f684d2cdf52385498f6119991d510fe100ab51a1f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172425
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-353"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sl1TIUE5Ugt0eB3IcUmUUImSLSswPIDu0gJGKUNTE21Am9IQTPquwThv5Mu1oJUUp4LJYUqnB6ZzQpcq48UeTwEQ8FuRV7s6M5Fd2E%2B9QrScFB2o3gFn73%2BvNtQbvzpR0IsB8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8db35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 single-ajax.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 28 KB
6 KB 5437ms
5431ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/single-ajax.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26a97b929a1cb24042ea36ccb8a4d3253a51038428a608983b72e979eac7d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-13cb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rWnUvycX0eBEWHLaREzM2Y7JwlQoPjvVnhvmyXR3f2nIU1wulD2Aqrgc0r60CQqr4LRYjP%2BTLI6waxFvtAgIHu4YevGw%2FFJ5BPWphnGbzBKS1UNM5VYV0zYIcHQbFxtC2B9xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8dd35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 search-ajax.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 96 KB
12 KB 5472ms
5466ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/search-ajax.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1067d9d607aaa963500f092b2e3f7d61575344353a17d35d8c69d2ea5f038aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-2bc3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQK3LuM2DXF7AmirrxDHbxy1vkHKhcb8fUCDRTJRO7tKYy0ya26bW2mskYzBaExsljzGiLERYmyUjStlQEyisNHXIB78fGQHuZ2Zn3NlBdW14zCM7NUHIsmVieqTUxTcJizNyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8de35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 login.js Show response
www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/ 7 KB
1 KB 5498ms
5492ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/themes/listingpro/assets/js/login.js?ver=1683989928

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac4be2cb31270a1e2d4a5b5d2d298ee88378b755fc2a662fcf2c62c6c6bd9cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 13 May 2023 14:58:48 GMT
server: cloudflare
etag: W/"645fa5a8-387"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGru1DjLWOBbhU7PjcdeiXouwrs6EcMAeF9sUEmNJAKRCDAUmge6Wu0SimbFkR3RI5OxWBhlww5AebNl%2BQfDW9T8kvPKNuda2hOBWMAv3Xr23MW%2FMZQruhuyEZt4JlgbmQCr8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8df35eb-FRA
expires: Mon, 12 Jun 2023 14:59:00 GMT

GET
H3 200 jquery.min.js Show response
www.u-pull-it.com/wp-includes/js/jquery/ 88 KB
32 KB 5498ms
5492ms Script
application/javascript 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 23:37:39 GMT
server: cloudflare
etag: W/"6424cbc3-15ed7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSQdQvHff31mpXoMAOEC%2B7m6%2FWfpIthNUdMrvURlvzmG1gcRdZuCTXrKYsnIyWYjMLsKrZvJRfZ1l78HL4UqrWMxnXwWPKAfrcVUy%2BBlzf78vDl6NV%2FWF48KK68Vb9%2FMhg5%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7c7c46b3d8e135eb-FRA
expires: Tue, 30 May 2023 08:25:12 GMT

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/8e77c7877b8339e2/ 308 KB
102 KB 460ms
195ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

sffe /

Resource Hash

f45457d866bd718cde7e184dc909841b02a946eaa210ec6554469f5624c08b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104786
x-xss-protection: 0
last-modified: Mon, 01 May 2023 18:40:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 11 May 2024 16:45:45 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/8e77c7877b8339e2/ 41 KB
9 KB 394ms
129ms Stylesheet
text/css 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 01 May 2023 18:40:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 12 May 2024 02:56:47 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 392ms
128ms Stylesheet
text/css 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 14:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 15 May 2023 15:34:02 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 514ms
255ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ae2e2f8b3f0f2912839fbe9c2be57f5126975257335125d6106ff4e210676d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122680
x-xss-protection: 0
server: cafe
etag: 12361217632535199849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 4C45 10 KB
5 KB 398ms
129ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 9280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 12:30:21 GMT
etag: 15057649708203361565
expires: Mon, 29 May 2023 12:30:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
247 B 404ms
137ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HQ76RK4JLR&gtm=45je35a0&_p=1911318399&cid=691543433.1684163101&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684163101&sct=1&seg=0&dl=https%3A%2F%2Fwww.u-pull-it.com%2F&dt=Used%20Auto%20Parts%2C%20Junkyards%20and%20Salvage%20Yards%20-%20U%20PULL%20IT&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/cache/min/1/wp-content/uploads/perfmatters/gtagv4.js?ver=1683989928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u-pull-it.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 147ms
146ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ka for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 15 May 2023 15:05:01 GMT

GET
H3 200 u-pull-it-junkyards-near-me-scaled-1.webp
www.u-pull-it.com/wp-content/uploads/2023/03/ 41 KB
41 KB 275ms
275ms Image
image/webp 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2023/03/u-pull-it-junkyards-near-me-scaled-1.webp

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03807aaaac0c9d143c1cbef4715174878728d4de7f679046d8e0dfd5622504bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:01 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41670
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 19:07:51 GMT
server: cloudflare
etag: "6418af07-a2c6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KG48IAn2Icbt0z1EyM4Zf1UUNortHFVn6VP5p9f2RNi%2FIyDGhLgP6Pjb%2BGtWloZuNltEEYbP3KjQlk7%2F5i3A%2FR5V73xG%2BcnAn0Y3%2Fgbx6lx525SFpvBpWh%2FobajHDYn%2FGOldKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46d7de8535eb-FRA
expires: Wed, 14 Jun 2023 15:05:01 GMT

GET
H3 200 Best-Used-Auto-Parts-Junkyards-in-Houston-Texas-300x200.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 13 KB
14 KB 277ms
276ms Image
image/jpeg 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2020/10/Best-Used-Auto-Parts-Junkyards-in-Houston-Texas-300x200.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922d7b629a8eaad5cabbb8d73bdfe54bccb57c1506f559a962c062d72c91524c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:01 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13554
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 04:46:24 GMT
server: cloudflare
etag: "63cf62a0-34f2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQtwZnr6%2BrVqaTNb3VVnS3lQNocNbVOn7A4X348%2BgQLburGCv5OVMQv7bAIBkGOG%2BLmTnpZNuQVu1ya%2FUAE8FQwL8glqIa5B3UyfXriDe7RVHTulvpx35X7rxmVreV6PRJ0yUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46d7de8835eb-FRA
expires: Wed, 14 Jun 2023 15:05:01 GMT

GET
H3 200 PULL-A-PART_INDIANAPOLIS-300x169.jpg
www.u-pull-it.com/wp-content/uploads/2018/12/ 10 KB
11 KB 259ms
258ms Image
image/jpeg 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.u-pull-it.com/wp-content/uploads/2018/12/PULL-A-PART_INDIANAPOLIS-300x169.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4340fc4f9bb5c66186c8bfc933bf772bb0f5477be581895fed97b472fdb6addb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:01 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10583
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 06:03:36 GMT
server: cloudflare
etag: "63cf74b8-2957"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rjj8OccV0sn4M6%2FG1BmeWr%2Bhj%2FklRF1itXYs6ma5qKafg0tAGVKUp3zCsWsjXZ9L0pT8lJdz5TpPNc%2BvzgX2NRGEs8zhU6LPz0V1w6dQdu7qryBGQcO%2Bj9uK%2FodBqihGH%2FtU0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c7c46d7de8b35eb-FRA
expires: Wed, 14 Jun 2023 15:05:01 GMT

GET
H/1.1

200
OK

13926821-1578601357951
www.yceml.net/0421/
Redirect Chain

https://www.awltovhc.com/hn65jy1qwuFHGGIPHHONFHJPIMOIH
https://www.yceml.net/0421/13926821-1578601357951

6 KB
6 KB

667ms
392ms

Image
image/png

104.102.55.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yceml.net/0421/13926821-1578601357951
Protocol: HTTP/1.1
Server: 104.102.55.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-55-21.deploy.static.akamaitechnologies.com
Software: Resin/4.0.66 /
Resource Hash: 2e50792c494747bdd0bb61bde12e8f0a59c62bfe4aa604120d1a79faf6f2c60f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 May 2023 15:05:02 GMT
X-VC-HTTPS: On
Cache-Control: max-age=604800
Server: Resin/4.0.66
Connection: keep-alive
Content-Length: 6046
Expires: Mon, 22 May 2023 15:05:02 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 15:05:01 GMT
Server: Resin/4.0.66
Content-Type: text/html; charset=utf-8
Location: https://www.yceml.net/0421/13926821-1578601357951
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS: On
Content-Length: 87
Expires: Mon, 15 May 2023 15:05:01 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/ 185 KB
57 KB 132ms
132ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58043
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 15:01:13 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
51 KB 139ms
139ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

1658873477ef275f79fec84be7fbd506e6c313741a72c837466dda0881a3a876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7206891201335125315"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Mon, 15 May 2023 15:05:01 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 129ms
129ms Image
image/png 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:20:39 GMT
x-content-type-options: nosniff
age: 146662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 12 May 2024 22:20:39 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
117 B 405ms
130ms Image
text/plain 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f10.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 405ms
128ms Image
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04a59af419c727b7eed2d11125aa0e28a55c5d1695e62619372ef0ab7fdf2019

Request headers

Referer
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/ 12 KB
13 KB 136ms
136ms Font
font/woff2 172.67.178.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8eabbb5502fb7a73076383db8e9feaa31a0f14bd82a318e46aceb8144982763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.u-pull-it.com/wp-content/cache/perfmatters/www.u-pull-it.com/fonts/3039e898bcdd.google-fonts.css
Origin: https://www.u-pull-it.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14207
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12732
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 17:02:54 GMT
server: cloudflare
etag: "641891be-31bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KalGb%2B5SX9kYelR2mAfjdRYXUmzjYgj7%2Bkq%2FperKP%2B67wggPJGnUEllm06qwttdAKfkxwyEblj0Z7GfgSzzI06%2B4Ogq0I%2Fu%2F0%2B7o1B7jcXz8mH9szMTh6pVRMgqdMO7GKnWahg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c7c46dbfbf935eb-FRA
expires: Tue, 30 May 2023 09:36:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 404ms
138ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.u-pull-it.com&callback=_gfp_s_&client=ca-pub-1957707705603006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

98d6966c3f04e91f48104935197cab3bb0746f020f9dfdb8d4d0e1a5ec15def6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
531 B 411ms
141ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 488ms
141ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4ED 495 KB
83 KB 1530ms
1529ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&adk=1812271804&adf=3025194257&lmt=1684159521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.u-pull-it.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101294&bpp=7&bdt=6111&idt=809&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5288850973736&frm=20&pv=2&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=840

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2b8fb3f001b18d849ad2c634a3bb6d1ac97605af66f0e6b9f431c03d536a26d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 84581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:03 GMT
expires: Mon, 15 May 2023 15:05:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 188ms
187ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1ed74090ff9b553fb10ca36e04b040ca2453f7562792e11842c02ab096f06459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 65FE 77 KB
31 KB 506ms
506ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4817187887&adk=55929723&adf=2704398893&pi=t.ma~as.4817187887&w=360&fwrn=4&fwrnh=100&lmt=1684159521&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101301&bpp=2&bdt=6117&idt=840&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kskWQWetPz&p=https%3A//www.u-pull-it.com&dtd=845

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c31076b3569ccfba6a6c1c0ccda8ffa280aea175b0e4e766ad447f19eee6d937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:02 GMT
expires: Mon, 15 May 2023 15:05:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 417ms
148ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 May 2023 15:05:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65FE 0
0 182ms
182ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj0hAHkpiZMqjDs6s1fAP2YajyAq3sZKocKGf1ea7EdrZHhABILiK9VdgjfLSA6AB4vSSxQPIAQKoAwHIA8kEqgTRAU_QiArL2zXhzoCCIEILfmWeqQjjaBcRpxgSEmmaj0vMHrpuaixIXFTAMFT0x3keQ-WWvcCqXt3OuZk3u8B7u7RmuDKeF4jPCJpA3HOmhi0gE8XEOg6YKrHtojI8EEaD3tOaeiYRxt7MTYJwv3TXSHGTLzfRKKhvFIkpKNrxQIRaP6FwP-pIjcJ9Zi3RYSIY-VCprIQAD766JEIFYItU871rYYjlErRrJEDbtafIOUhtTSpaRVHZPRBL3UueOUT-hhnmhU-izKjWRQTFrkTe4klLwATS6s2ppwSSBQQIBBgBkgUECAUYBKAGAoAHhovtOqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP29BNIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE5NTc3MDc3MDU2MDMwMDYYAA&sigh=VX59lDtqlL8&uach_m=[UACH]&cid=CAQSGwBygQiDM5-JMhhN-89Lidfm-Zkmr9PuuIxO_hgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4817187887&adk=55929723&adf=2704398893&pi=t.ma~as.4817187887&w=360&fwrn=4&fwrnh=100&lmt=1684159521&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101301&bpp=2&bdt=6117&idt=840&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kskWQWetPz&p=https%3A//www.u-pull-it.com&dtd=845

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4817187887&adk=55929723&adf=2704398893&pi=t.ma~as.4817187887&w=360&fwrn=4&fwrnh=100&lmt=1684159521&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101301&bpp=2&bdt=6117&idt=840&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kskWQWetPz&p=https%3A//www.u-pull-it.com&dtd=845
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 15:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 May 2023 15:05:02 GMT

GET
H2 200 11708104112502990187
tpc.googlesyndication.com/daca_images/simgad/ Frame 65FE 55 KB
55 KB 131ms
131ms Image
image/png 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11708104112502990187

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

81dc264714d2b815a4bc14069390e1e2e9795cbc24b7c65b85b46f523b8830b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:47:17 GMT
x-content-type-options: nosniff
age: 195465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56104
x-xss-protection: 0
last-modified: Wed, 18 May 2022 21:06:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 08:47:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 65FE 22 KB
9 KB 196ms
196ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 65FE 3 KB
1 KB 215ms
215ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 65FE 19 KB
8 KB 207ms
206ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65FE 169 KB
53 KB 413ms
146ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:03 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 65FE 32 KB
13 KB 216ms
215ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:32:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF67 13 KB
5 KB 188ms
187ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 14:35:24 GMT
expires: Tue, 14 May 2024 14:35:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 429 aframe Show response
www.google.com/recaptcha/api2/ Frame E261 1 KB
1 KB 452ms
451ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/recaptcha/api2/aframe
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: 9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1103
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 15:05:03 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C746 143 B
166 B 135ms
135ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4817187887&adk=55929723&adf=2704398893&pi=t.ma~as.4817187887&w=360&fwrn=4&fwrnh=100&lmt=1684159521&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163101301&bpp=2&bdt=6117&idt=840&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kskWQWetPz&p=https%3A//www.u-pull-it.com&dtd=845
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 14:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 65FE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f8c758c449a753227f68ccd66966eefc8e53956df37575918e75488170ca908

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame FF67 37 KB
14 KB 130ms
130ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C746
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

153ms
153ms

Document
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:03 GMT
expires: Mon, 15 May 2023 15:05:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF67 0
10 B 132ms
132ms Image
text/plain 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e6L57A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f193.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BE8 37 KB
14 KB 129ms
129ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 233ms
233ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=1833165021774107&bg=!v7ylvOjNAAYldGN0BXQ7ADkAdvg8WtzRy-kRKcdgduNmwEceVSys4m_9uH6q4TrXgUW2ix-2AeVrms1anokT5H2MfTQUMo5Y9XQCAAAASFIAAAACaAEHmQKcD0Twj8CxW7UltB05btVjmVyRrOv4lSXFAaLRdF7QN9avLWHYN6RrDcsIMgPYzVechHvtQYu3pbTtxpMA2iblhRl9nchC-D6-kgoRT_v6v8RV1iwrVX2RHWaBL_LmDnJs2vft0AfGMSeXRxUgH_nyk1KhKg2wrEPM6YIHTooYHhA1g_4kx_pOFVVbMtqqKG6uFkh2r8h34SxMZMT3DkC0npDBJ59OYvenxcOaWZFclzjNp0Ck9N74H-XQ3hR2JXBHDVFBV0t-AdL5pIY2QvJUcuCoIpOi2p0uilYbHc4XugDw2hnWFb2Y4bQUA4NndeCmzdaeOdOArdta3LGqm4rya-umuTqptyCbQ3QUoiba1RfTxQgWwo4ksB5ilOhnr_1X5yrG0iHqOOeJhZ1lFbMbIbN3y0CnzH-lSZ4Cp4uPnD4w8AmAZ-dXtUxRRy8t_ZvKIMhwDDiAEEbE6T6-TZa9tdBEt28CityVCr_H1RTHc0YRy7jDa5B2oQTv0tFCTl3R4cPMrsIoKaORHx36fPjccRRrLc2kKr6170MlJG9MArmhruMjWpOOqxaXZuISehrKXLgePN0RhMYOy6cvrIJYE5D7JhJM6yjM2HxIwPZSaTjxd27Ft_c8o8KwT2iZH9G5qthC8NUd6GR9B9ld18XTx1bZIbSdLg1wuNNGiNgLJgldFVv68b5v2r-MsRZE9o7fxq0isCKJ2uBUYZ61HvK8beT2IZ4kIdXZr3MUq4kzhH4YLyACT3zT8RVeIW_skIATUb3ZUT3LcVHpoph8dqpvDrFULHJDVnGyvPlh0nyJu9ygWMXpjALjVs-9eUK1XdFilch0EUGYuh5SZodRVLmZb_HmQzj42gjs3-X4fwCD3TDTKeWd7Du4UbSe6t8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 151 KB
51 KB 206ms
206ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

334c22ba249eb4730dbca041ffacc28786db90e14ae2ed108fd7be39e340e673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52425
x-xss-protection: 0
server: cafe
etag: 2124659484922950727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 240ms
240ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C3%2C4%2C1&c=ca-pub-1957707705603006&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
165 B 141ms
140ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 143ms
143ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 231ms
231ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-1957707705603006&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20230510_104200&sat=1683917078444&afm=0&as_count=1&d_count=0&ng_count=0&am_count=3&atf_count=1&mdns=0.035&alldns=0.098&allp=98&fd=(0%2C2%2C0)%2C(1%2C14%2C10)%2C(2%2C7%2C5)&pgh=8000&abl=false&rr=n&su=www.u-pull-it.com&pvc=1833165021774107&r=0.1&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C75 118 KB
45 KB 464ms
464ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=115&adk=164834801&adf=2276849504&pi=t.aa~a.3080175788~rp.4&w=720&lmt=1684159521&nsk=46ab0f3&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x115&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8645&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280&nras=2&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=36GoxSTu4D&p=https%3A//www.u-pull-it.com&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

588ee77035cdc1ac68ef654973dfd8299f0a5bdc39cfc20361ab5dab94e486e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 45644
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86D4 119 KB
45 KB 533ms
533ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=112&adk=1684796181&adf=2395104377&pi=t.aa~a.1835932303~rp.4&w=720&lmt=1684159521&nsk=aa26b9fe&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x112&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8644&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280%2C720x115&nras=3&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=mdrML4A6ED&p=https%3A//www.u-pull-it.com&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e6ea6624a776b6c82f56b4d009489d3527d33ec9791dc2c00883c4c53229d371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 45864
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 231ms
231ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C3%2C4%2C1&c=ca-pub-1957707705603006&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
165 B 140ms
140ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 138ms
138ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 6ECF 10 KB
4 KB 136ms
135ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 67553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 8307 10 KB
4 KB 135ms
135ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 67553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 896D 10 KB
4 KB 135ms
135ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 67553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 7FDF 10 KB
4 KB 145ms
145ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 67553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 6ECF 4 KB
1 KB 436ms
137ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:52:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6ECF 205 B
650 B 398ms
130ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 07:06:01 GMT
x-content-type-options: nosniff
age: 28743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 May 2024 07:06:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6ECF 604 B
695 B 488ms
219ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 09:37:07 GMT
x-content-type-options: nosniff
age: 19677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 May 2024 09:37:07 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 6ECF 19 KB
8 KB 130ms
129ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8020
x-xss-protection: 0
server: cafe
etag: 10981734531507917325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:08:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8307 9 KB
1004 B 402ms
139ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

fb4c9bbeed2aa7fc0461b59147e4ad09841b9309030f8a22ffa8a2e7296e2ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 14:24:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8307 2 KB
765 B 127ms
127ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 8307 22 KB
9 KB 127ms
127ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8307 3 KB
1 KB 312ms
311ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8307 19 KB
8 KB 151ms
151ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8307 169 KB
52 KB 141ms
140ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 8307 32 KB
13 KB 422ms
194ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:34:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 896D 9 KB
1004 B 400ms
148ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

fb4c9bbeed2aa7fc0461b59147e4ad09841b9309030f8a22ffa8a2e7296e2ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:14:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 896D 2 KB
765 B 305ms
305ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 896D 22 KB
9 KB 163ms
163ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 896D 3 KB
1 KB 303ms
302ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 896D 19 KB
8 KB 190ms
189ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 896D 169 KB
52 KB 193ms
192ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 896D 32 KB
14 KB 347ms
131ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:34:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7FDF 0
0 316ms
316ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9lPgHkpiZOfoDefL1fAPvZa9-AK3sZKocOGc1ea7EdrZHhABILiK9VdgjfLSA6AB4vSSxQPIAQKoAwHIA8kEqgTSAU_Qk6EQobMQb0QQo_TwNPUVl_tYWu54yOrVtdr77FIQHOHRAbLP-9-nuRsr_v4DljJ0Mn0n6XmlWLdyHPJgk4BqZUcGh1wXxQVTSIeVf1cn-MBqG0Enwar8FwhAPEnYS4DKjK5RCQXOj7QUAt6Rm6HPXhDQB3I6h7GM_VBV_JZGptKIbJm7l_CxHVKeLerFTTGl05GXnUsWRcup9P3CF95cPO7MP6d7X6nvdO3oY2bsxlKrksmOKf6aqulsb2gyaKm3RNL8yZt9gILv1VJp4NdujMAE0urNqacEkgUECAQYAZIFBAgFGASgBgKAB4aL7TqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD9zAPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xOTU3NzA3NzA1NjAzMDA2GAA&sigh=bG9pdQJ0low&uach_m=[UACH]&cid=CAQSGwBygQiDLpS7WClirwk8DeXbpoNZQeJFxPFptxgB

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 7FDF 22 KB
9 KB 201ms
201ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 15207850141814501750
tpc.googlesyndication.com/daca_images/simgad/ Frame 7FDF 71 KB
71 KB 364ms
364ms Image
image/png 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15207850141814501750

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

d7be4681a8b465a0154813ed900269d675350b70bbad9ee6c24414eb7804966c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:18:09 GMT
x-content-type-options: nosniff
age: 222415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72350
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 19:00:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 01:18:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 7FDF 3 KB
1 KB 322ms
322ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 7FDF 19 KB
8 KB 224ms
224ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FDF 169 KB
52 KB 225ms
224ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 7FDF 32 KB
13 KB 327ms
326ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:32:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C75 6 KB
756 B 307ms
144ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=115&adk=164834801&adf=2276849504&pi=t.aa~a.3080175788~rp.4&w=720&lmt=1684159521&nsk=46ab0f3&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x115&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8645&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280&nras=2&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=36GoxSTu4D&p=https%3A//www.u-pull-it.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:05:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C75 6 KB
779 B 303ms
140ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:05:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 65FE 42 B
64 B 232ms
232ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqFj9FEWiJTSHl7pi3i-_oYoBGCAxhUzmw-I3knJafHYUUu9wlE9f24dlQEMpyn501o5oZWQucbIBTwbAEQ8pbV9CctLoZ_OyshiItnPp9HLmwmdHKAbdu4Kdr7Q87GMHxYwg&sai=AMfl-YQDI3cLQr9MJ27bBjzw8OiZPShWeJE-bQSW0rKlsyVmcxtvFuvVkCjXVhXbGyPkouYj_txStPMegDCy&sig=Cg0ArKJSzJu_zLtlScPhEAE&cid=CAQSGwBygQiDM5-JMhhN-89Lidfm-Zkmr9PuuIxO_hgB&id=lidar2&mcvt=1003&p=0,12,280,348&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=55929723&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684163102148&rpt=1162&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 6C75 34 KB
13 KB 154ms
154ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 May 2023 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13484
x-xss-protection: 0
server: cafe
etag: 15319064171597158994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 19:53:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2708 143 B
166 B 156ms
156ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 14:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 86D4 6 KB
756 B 236ms
145ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=112&adk=1684796181&adf=2395104377&pi=t.aa~a.1835932303~rp.4&w=720&lmt=1684159521&nsk=aa26b9fe&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x112&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8644&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280%2C720x115&nras=3&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=mdrML4A6ED&p=https%3A//www.u-pull-it.com&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:05:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 86D4 6 KB
756 B 232ms
142ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:05:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 86D4 34 KB
13 KB 127ms
127ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 May 2023 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13484
x-xss-protection: 0
server: cafe
etag: 15319064171597158994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 19:53:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BC00 143 B
166 B 136ms
135ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 14:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C75 169 KB
52 KB 171ms
171ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 6C75 22 KB
9 KB 128ms
128ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 6C75 3 KB
1 KB 132ms
131ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 6C75 19 KB
8 KB 132ms
132ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C75 0
0 142ms
141ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrQz1gzYYcsXrIcE2HeYVAF5mbSV4zpat-kpTyFAlJQszbyHmtz8gQlI9YwZH_P-0T-P3kSOYCQih6Rr7AnrgJ5Jctrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=115&adk=164834801&adf=2276849504&pi=t.aa~a.3080175788~rp.4&w=720&lmt=1684159521&nsk=46ab0f3&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x115&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8645&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280&nras=2&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=36GoxSTu4D&p=https%3A//www.u-pull-it.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1871 143 B
166 B 135ms
134ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 14:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FDF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6d2b7360a9bf8026dbb7e871f990531ddce0b63c957c91290209253bf5e0435

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86D4 169 KB
52 KB 184ms
184ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 86D4 22 KB
9 KB 132ms
132ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 86D4 3 KB
1 KB 127ms
127ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2708
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

155ms
155ms

Document
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
expires: Mon, 15 May 2023 15:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 86D4 19 KB
8 KB 129ms
128ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 86D4 0
0 141ms
141ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKzRfpv0F8sRFyyu43TIrXSrUQsQrJh-8O9MU_DM-nAGG07oNiZ7rQbwsF8lb6czSAdexoz0N1x3aaWiqQWGxHAs9POQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=112&adk=1684796181&adf=2395104377&pi=t.aa~a.1835932303~rp.4&w=720&lmt=1684159521&nsk=aa26b9fe&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x112&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8644&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280%2C720x115&nras=3&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=mdrML4A6ED&p=https%3A//www.u-pull-it.com&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BC00
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

146ms
146ms

Document
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
expires: Mon, 15 May 2023 15:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1871
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

147ms
147ms

Document
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
expires: Mon, 15 May 2023 15:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2254 9 KB
1005 B 141ms
140ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:10:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2254 2 KB
765 B 127ms
127ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 2254 22 KB
9 KB 127ms
127ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2254 3 KB
1 KB 137ms
136ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2254 19 KB
8 KB 131ms
130ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2254 169 KB
52 KB 198ms
197ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 15:05:04 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 2254 32 KB
13 KB 129ms
128ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:34:41 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17066570391466207863/ Frame 6C75 5 KB
5 KB 172ms
172ms Image
image/png 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17066570391466207863/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIlQEQThgBIAEtAAAAPzCVAThORQAAgD8&rs=AOga4qnhHFaaWIAgPmX81qQcjPyLU0lGKw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

d46237c406a896dcf55982b5b54d7746f2610e656f2bc9baedab264cc2bb8947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4881
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 14:10:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 May 2024 15:05:04 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10083422902439186263/ Frame 86D4 6 KB
6 KB 174ms
173ms Image
image/png 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10083422902439186263/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIlQEQThgBIAEtAAAAPzCVAThORQAAgD8&rs=AOga4qm33Df77OeRdTFdCSz26V7DJopYXA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

2ba64c567b8f8c2b36e5a5229c4e64e5d193c5b25f784352129bf02424b86bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6427
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 14:10:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 May 2024 15:05:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 86D4 0
0 182ms
181ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMXx8H0piZKCIOYXM1fAP1o-bwAvP8uvmb8LZ-enQENrZHhABILiK9VdgjfLSA6AB8enSryjIAQaoAwHIA8sEqgTiAU_QYiJy7Ow3YmHDr7ysdAfbACmkmVAi06M7tbqtVR-FdEeLaPDIhCykUQ1DTqmCyLEfcqTI2DeDWzG61zlV1YsDKNr3-uOuA1ev2tkPJozajbDc72i8rxVob4k7K4w6Y9w20IsxKMkpRhVUB9YvwlciN6Z6AeiJbzBhvaY8_t2vTAVuvI5xoD2yjl4c-Newq5wxHLqTprKSy3JJASjCBITcTkQoCNypO2z7hyNReQxMa39ZC9uVibo2HHLToJ6N-lu6rYES8ZOwaK5NM6EoC6ulZSR2o4v4TXhacu-zHqXB8AzABKy9u5m5BJIFBAgEGAGSBQQIBRgEoAY3gAfxoaOPA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDENdT0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk1NzcwNzcwNTYwMzAwNhgA&sigh=feVX89H92uQ&uach_m=[UACH]&cid=CAQSPABygQiDZjBvjeecIvON0pOC04dHNIpi5jkHTvL36cMaYqMQqc4SJ7Uaow4v8Pv92wT54szGGxmR0-I_hhgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=112&adk=1684796181&adf=2395104377&pi=t.aa~a.1835932303~rp.4&w=720&lmt=1684159521&nsk=aa26b9fe&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x112&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8644&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280%2C720x115&nras=3&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=mdrML4A6ED&p=https%3A//www.u-pull-it.com&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C75 16 KB
16 KB 392ms
127ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 151289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 21:03:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 86D4 16 KB
16 KB 457ms
195ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 151289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 21:03:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6C75 0
0 204ms
204ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CafhwH0piZOrqOITXxgP8g6fgBs_y6-Zvwtn56dAQ2tkeEAEguIr1V2CN8tIDoAHx6dKvKMgBBqgDAcgDywSqBOIBT9DDE-7G8hSN0dM85LLNROx5eMqyKxAUMLetwVld30kKbiUxXrDkAvteOCxexIfdRohozT8VnBkGqtppVUSpUXm3QewhsjgcrLs_4EW92C4L10EFf1Z84_eClhsl-fUTkKkY8w3HAbkO74TOaD9xEaLEcUc2bpyrTcjHDvAwn6_7W6uJGjhaN24r5uLFj7-1aI9QXJfJ45vmKD_sD7lOKqC_sVtpCO92UDCFWPUSCGwtJf0YMjw_4CSpkOiejBjMZ5FA1YVbDJKJia9xRDehoVVAT6C__HZMb2drrvlqleqKw8AErL27mbkEkgUECAQYAZIFBAgFGASgBjeAB_Gho48DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQyoIB0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk1NzcwNzcwNTYwMzAwNhgA&sigh=2wSiIf5yyhk&uach_m=[UACH]&cid=CAQSPABygQiD6Rrj0C1V6lhmx8IhQeJnSgG8XzxyTpYNmt-tTjkE0NIodNMQPViPiNEW16pXm0lB48h-WKU87xgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=115&adk=164834801&adf=2276849504&pi=t.aa~a.3080175788~rp.4&w=720&lmt=1684159521&nsk=46ab0f3&rafmt=11&pwprc=6692248084&ad_type=text_image&format=720x115&url=https%3A%2F%2Fwww.u-pull-it.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684163103828&bpp=1&bdt=8645&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8a99f2ed840367c9-22c2a8b1d4dd0021%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ&gpic=UID%3D00000c15bdf36b44%3AT%3D1684163102%3ART%3D1684163102%3AS%3DALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ&prev_fmts=0x0%2C360x280&nras=2&correlator=5288850973736&frm=20&pv=1&ga_vid=691543433.1684163101&ga_sid=1684163102&ga_hid=1911318399&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C42532089%2C42532185%2C44773809%2C44759926%2C44759837%2C44785293%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjsZBPpQGn697FXzXiUu24hYr4exqaT1p3iiZxdTUzOGmeohvWdkW4_gAQUfNtfKK8teGGAEqUoYDYrevXn438bmw&pvsid=1833165021774107&tmod=574773202&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=36GoxSTu4D&p=https%3A//www.u-pull-it.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 15:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E95 1 KB
643 B 130ms
130ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 14451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Tue, 16 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6C75 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66950fa0672eba49adbb93f932eaa7d29810fb2a3aade1ea02fb218b1f718c09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D14 143 B
166 B 136ms
135ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 14:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2E95
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM1bDKsgMMawbzRzOvUZQb0&google_cver=1&google_push=ATf1kGPr96e0ZibU2atLBMkrhAGtq97BLkuykFIbPyv3DHWs8tMRB4AQD63QZiWyA0CDE8-N0Ee7QUwGpX0_fYPwmAga7UnOaXE90NM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3973224EB4784A72BD55F58D75006413&google_push=ATf1kGPr96e0ZibU2atLBMkrhAGtq97BLkuykFIbPyv3DHWs8tMRB4AQD63QZiWyA0CDE8-N0Ee7QUwGpX0_fYP...

170 B
232 B

142ms
142ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3973224EB4784A72BD55F58D75006413&google_push=ATf1kGPr96e0ZibU2atLBMkrhAGtq97BLkuykFIbPyv3DHWs8tMRB4AQD63QZiWyA0CDE8-N0Ee7QUwGpX0_fYPwmAga7UnOaXE90NM

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 15:05:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3973224EB4784A72BD55F58D75006413&google_push=ATf1kGPr96e0ZibU2atLBMkrhAGtq97BLkuykFIbPyv3DHWs8tMRB4AQD63QZiWyA0CDE8-N0Ee7QUwGpX0_fYPwmAga7UnOaXE90NM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 May 2023 15:05:05 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2E95
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECqGWz1Pv81557Sx7QOnbv4&google_cver=1&google_push=ATf1kGNaBRyMCxOhnWPgXcUbYbYD6p_EQIKc3VdhrX2g-f4UO1o4qxyVltl4Us5AYTTAshKIB9E4t...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNaBRyMCxOhnWPgXcUbYbYD6p_EQIKc3VdhrX2g-f4UO1o4qxyVltl4Us5AYTTAshKIB9E4tSSXzQWctskaA0UZAHQCYjXsUQ

170 B
232 B

140ms
139ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNaBRyMCxOhnWPgXcUbYbYD6p_EQIKc3VdhrX2g-f4UO1o4qxyVltl4Us5AYTTAshKIB9E4tSSXzQWctskaA0UZAHQCYjXsUQ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 15:05:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BCA0C64640494AE7B3C6FED228034F43 Ref B: VIEEDGE4406 Ref C: 2023-05-15T15:05:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNaBRyMCxOhnWPgXcUbYbYD6p_EQIKc3VdhrX2g-f4UO1o4qxyVltl4Us5AYTTAshKIB9E4tSSXzQWctskaA0UZAHQCYjXsUQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7vMehOCL+6xmHkQe6/Q==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2E95
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDKPj4xi9gKX53MX98L3nDE&google_cver=1&google_push=ATf1kGOGVWiVohkQ9_ydZmbAELPM2wR746b_mY72EJBJGWB5MIPUUMD6f3KTQoQ29HhYKEps2P7GHZmKuYA8XoUTcsWpq5K...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOGVWiVohkQ9_ydZmbAELPM2wR746b_mY72EJBJGWB5MIPUUMD6f3KTQoQ29HhYKEps2P7GHZmKuYA8XoUTcsWpq5KAQBzy9S8&google_hm=eS1uUk5rdUtWRTJwR0h...

170 B
232 B

148ms
147ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOGVWiVohkQ9_ydZmbAELPM2wR746b_mY72EJBJGWB5MIPUUMD6f3KTQoQ29HhYKEps2P7GHZmKuYA8XoUTcsWpq5KAQBzy9S8&google_hm=eS1uUk5rdUtWRTJwR0hyclNpTXRETTQ3bkwyVVJ4SnFONH5B

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 15:05:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOGVWiVohkQ9_ydZmbAELPM2wR746b_mY72EJBJGWB5MIPUUMD6f3KTQoQ29HhYKEps2P7GHZmKuYA8XoUTcsWpq5KAQBzy9S8&google_hm=eS1uUk5rdUtWRTJwR0hyclNpTXRETTQ3bkwyVVJ4SnFONH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2E95
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJw9pY9HcVBtHPlNZg35CWA&c_param1=ATf1kGN8yYhpZXxpOfEWHdpXXS0PeNkAS1HxleDrqV96pjZ5Ba3zbUvRmqkWXJCMJiGt_13BxGGBo1gmtVLE0nnwcwrHZhvkZ9je1RQ&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8yYhpZXxpOfEWHdpXXS0PeNkAS1HxleDrqV96pjZ5Ba3zbUvRmqkWXJCMJiGt_13BxGGBo1gmtVLE0nnwcwrHZhvkZ9je1RQ

170 B
329 B

141ms
141ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8yYhpZXxpOfEWHdpXXS0PeNkAS1HxleDrqV96pjZ5Ba3zbUvRmqkWXJCMJiGt_13BxGGBo1gmtVLE0nnwcwrHZhvkZ9je1RQ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8yYhpZXxpOfEWHdpXXS0PeNkAS1HxleDrqV96pjZ5Ba3zbUvRmqkWXJCMJiGt_13BxGGBo1gmtVLE0nnwcwrHZhvkZ9je1RQ
date: Mon, 15 May 2023 15:05:05 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E95
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEM_deW4OKAz_3vBJmlaDL4M&google_cver=1&google_push=ATf1kGMH6RrvrB8DqP0rlG1hM6u-ht6BTI-E0XULvesu87j31U-zs8MmnR9D7sGW4BGWAlUJ_hwI2B8NgJNNBR2...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=9_rl9QbiX7lzstAFetVQsVvvzrg&google_push=ATf1kGMH6RrvrB8DqP0rlG1hM6u-ht6BTI-E0XULvesu87j31U-zs8MmnR9D7sGW4BGWAlUJ_hwI2B8NgJNNBR...

170 B
188 B

139ms
139ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=9_rl9QbiX7lzstAFetVQsVvvzrg&google_push=ATf1kGMH6RrvrB8DqP0rlG1hM6u-ht6BTI-E0XULvesu87j31U-zs8MmnR9D7sGW4BGWAlUJ_hwI2B8NgJNNBR2IXBmoUtViGVl9J6Y

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=9_rl9QbiX7lzstAFetVQsVvvzrg&google_push=ATf1kGMH6RrvrB8DqP0rlG1hM6u-ht6BTI-E0XULvesu87j31U-zs8MmnR9D7sGW4BGWAlUJ_hwI2B8NgJNNBR2IXBmoUtViGVl9J6Y
Date: Mon, 15 May 2023 15:05:05 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E95
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEATIfneSJpHpFpYmz-7WpdE&google_cver=1&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEATIfneSJpHpFpYmz-7WpdE%26google_cver%3D1%26google_push%3DATf1kGO7mNA8Xq1cf4WM-Z...
https://rtb2-useast.e-volution.ai/sync?adkuid=A6773288195696635852&exchange=193&google_gid=CAESEATIfneSJpHpFpYmz-7WpdE&google_cver=1&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106y...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY3NzMyODgxOTU2OTY2MzU4NTI&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50...

170 B
188 B

140ms
139ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY3NzMyODgxOTU2OTY2MzU4NTI&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c-YKetpFjyXIYBsTvMYNWr6Y

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY3NzMyODgxOTU2OTY2MzU4NTI&google_push=ATf1kGO7mNA8Xq1cf4WM-ZZaY6dNeyQ0QqnzlyQnEWFi87YU106yEu1VHtoQdTsp3t43ShqY5cWYR50c-YKetpFjyXIYBsTvMYNWr6Y
Date: Mon, 15 May 2023 15:05:06 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET google
sync-dmp.aura-dsp.com/match/ Frame 2E95 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E95 0
130 B 411ms
137ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJZFGNBumTmJ2Y73_xnL05iRAObcrU4UY-7DrHFylsfmPhXU49ecCaTinTrbHpboGe9Q8XJ_8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CD71 1 KB
643 B 129ms
129ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 14452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Tue, 16 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 86D4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cf3fef8d8d686e4bafe815850384dcd1c4a0d5cfc8ae905f9ba10d2bd99a30

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 260D 37 KB
14 KB 129ms
129ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D14
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

168ms
168ms

Document
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:05 GMT
expires: Mon, 15 May 2023 15:05:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:05:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CD71
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELg9rs-aBHizJcS57p-Q3Sc&google_cver=1&google_push=ATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbN...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELg9rs-aBHizJcS57p-Q3Sc&google_cver=1&google_push=ATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnD...

43 B
417 B

329ms
319ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELg9rs-aBHizJcS57p-Q3Sc&google_cver=1&google_push=ATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c7c46f2b9f9036e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 22
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELg9rs-aBHizJcS57p-Q3Sc&google_cver=1&google_push=ATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOL9xRfGVU5v71MG1XQikfn9PLAVCKuj6dNnQfcwXo8eoRax5ut_EVHrMxve_4GzQJ5APDizNfFqtcpcFvBH4rJsxZzlnDbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c7c46f0ef4e036e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD71
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP3oOZNqXZadTRtVBf9k_k0&google_cver=1&google_push=ATf1kGNdfAMsZ-At1slUC6Xbl1bRW0Q4OJ8lxLeprY_28Ca_coAq1z3PASxnRoJ0BPbvWKlATR-_Md9JwJkn8c5kd5...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEP3oOZNqXZadTRtVBf9k_k0&google_cver=1&google_push=ATf1kGNdfAMsZ-At1slUC6Xbl1bRW0Q4OJ8lxLeprY_28Ca_coAq1z3PASxnRoJ0BPbvWKlATR-_Md9JwJkn8c5kd5...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjcyZjI3ZTQtY2NhMS00ODgxLTliNTItMTNlZTgyY2YxYjQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=272f27e4-cca1-4881-9b52-13ee82cf1b41

170 B
188 B

140ms
140ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjcyZjI3ZTQtY2NhMS00ODgxLTliNTItMTNlZTgyY2YxYjQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=272f27e4-cca1-4881-9b52-13ee82cf1b41

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjcyZjI3ZTQtY2NhMS00ODgxLTliNTItMTNlZTgyY2YxYjQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=272f27e4-cca1-4881-9b52-13ee82cf1b41
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET adxcookie
match.adsby.bidtheatre.com/ Frame CD71 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD71
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=k5DuDDz2R-qwbi3ZWc2f2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

142ms
142ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=k5DuDDz2R-qwbi3ZWc2f2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGM9kbT5_Iw-KbRGjtI4wp30JFsLlSSK3rT--plVU_KrvbFyj-aoA9OmJdv3ut21SFKl3wwFQWfNpV9lMYX_UU5QWpRJmB6xsQ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=k5DuDDz2R-qwbi3ZWc2f2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGM9kbT5_Iw-KbRGjtI4wp30JFsLlSSK3rT--plVU_KrvbFyj-aoA9OmJdv3ut21SFKl3wwFQWfNpV9lMYX_UU5QWpRJmB6xsQ
date: Mon, 15 May 2023 15:05:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD71
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_hm=ZGJKITQIuVqcF-uPbiv8JAAACGUAAAAB&google_nid=index&google_push=ATf1kGMvkMM6Z-r0-3amocBSZXqXJH_zwJa7H...

170 B
188 B

140ms
139ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_hm=ZGJKITQIuVqcF-uPbiv8JAAACGUAAAAB&google_nid=index&google_push=ATf1kGMvkMM6Z-r0-3amocBSZXqXJH_zwJa7HFnjO2e-HjD-O9Ycr-o1ErKFIfQBE_mY_Z8fgMoorO92bjtg0AM0j5061wRBFks94Q

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 15:05:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHdU2yFLGmDXaNOQQwTlLeE&google_hm=ZGJKITQIuVqcF-uPbiv8JAAACGUAAAAB&google_nid=index&google_push=ATf1kGMvkMM6Z-r0-3amocBSZXqXJH_zwJa7HFnjO2e-HjD-O9Ycr-o1ErKFIfQBE_mY_Z8fgMoorO92bjtg0AM0j5061wRBFks94Q
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD71
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGeRysaTJLWO_Lb97_fQjus&google_cver=1&google_push=ATf1kGOMWucQ9Y0a_-xebdiSVi0dJ94Tl2s-fnd4PdK9qxJoxUvDDzMQ2my0t7zkQZ_evewJe65BSSTLZoJEXQPcmShCG2-...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGOMWucQ9Y0a_-xebdiSVi0dJ94Tl2s-fnd4PdK9qxJoxUvDDzMQ2my0t7zkQZ_evewJe65BSSTLZoJEXQPcmShCG2-45yxq6Ho&google_hm=NDE4NjMw...

170 B
188 B

139ms
139ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGOMWucQ9Y0a_-xebdiSVi0dJ94Tl2s-fnd4PdK9qxJoxUvDDzMQ2my0t7zkQZ_evewJe65BSSTLZoJEXQPcmShCG2-45yxq6Ho&google_hm=NDE4NjMwMTkwNTkyMDE3MzY5Ng==

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGOMWucQ9Y0a_-xebdiSVi0dJ94Tl2s-fnd4PdK9qxJoxUvDDzMQ2my0t7zkQZ_evewJe65BSSTLZoJEXQPcmShCG2-45yxq6Ho&google_hm=NDE4NjMwMTkwNTkyMDE3MzY5Ng==
Date: Mon, 15 May 2023 15:05:05 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET google
sync-dmp.aura-dsp.com/match/ Frame CD71 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CD71 0
40 B 174ms
138ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lp6fKNhw28r06Y76dm1pI5UXtbA_RbkTMwc2AqQvwPqRfflRLa20mc2MiBsQ3TPSUvyIruc7Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 May 2023 15:05:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A56 37 KB
14 KB 129ms
129ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E29 37 KB
14 KB 129ms
129ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame B801 37 KB
14 KB 130ms
129ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FDF 42 B
64 B 231ms
231ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGXtwiJjdEj8I4-Sb-PjK7UGuK9MbemuCt8zUwzO4T77g3l3_Zm-jx6x1cul7eSqqFbIkjVwml_G0HJuZBjFylnskPiRN__SCxyfyoWbwTDBUP6fH7zAT6xqDZwruFAe3p0vU&sai=AMfl-YQq6FHpeS_FOhwEJyIAf8w-CWtEoCaao_HOXM-IcImlkF_P7XWzknIeZ5KH__hg1EdSczw-tqLPRjxp&sig=Cg0ArKJSzC_nbbgIYyLbEAE&cid=CAQSGwBygQiDLpS7WClirwk8DeXbpoNZQeJFxPFptxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=386,1000,1000,1000,1000&tos=386,614,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684163104039&rpt=692&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 15:05:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-dmp.aura-dsp.com
URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEKZVWtVnuaIMLKRY9WJXq00&google_cver=1&google_push=ATf1kGO5y8Tx-MUXQ5eaTr0mDTLF_jKcTD1bZ39XPoP45e28axB90vemhUW_47tIKIoRB9_8HMtdWnN7LiI4DCmZqzp_Q8X2R_R84YnR

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHeYie6jIJ--uxppvfnxjzs&google_cver=1&google_push=ATf1kGMLwR3-F9yt3LP2fvL60xd7lhuxdqmsASWQlRQeL4G2LRwCFVZvFZIpqST5IDKShF-Iz9sAgysmsZF_TGgyp4fO0i5V8S589g

Domain: sync-dmp.aura-dsp.com
URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEKZVWtVnuaIMLKRY9WJXq00&google_cver=1&google_push=ATf1kGO2mKTs-yVVVJCwK-FJCpV9zyxR0-4rTk9zG3vvxgWUB7G1ornidA7fwow13fzImdcRLlQarMqsRL7t_XbS9jL6jk9Kjc5M080

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.u-pull-it.com/	1970-01-20 21:25:23	Name: _ga_HQ76RK4JLR Value: GS1.1.1684163101.1.0.1684163101.0.0.0
.u-pull-it.com/	1970-01-20 21:25:23	Name: _ga Value: GA1.1.691543433.1684163101
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XeF22kvDp0w
.youtube.com/	1970-01-20 16:08:35	Name: VISITOR_INFO1_LIVE Value: sfAhcS_YYFA
.u-pull-it.com/	1970-01-20 21:10:59	Name: __gads Value: ID=8a99f2ed840367c9-22c2a8b1d4dd0021:T=1684163102:RT=1684163102:S=ALNI_MYC2z_-jnSNSJEufC1VltdCQ9X9pQ
.u-pull-it.com/	1970-01-20 21:10:59	Name: __gpi Value: UID=00000c15bdf36b44:T=1684163102:RT=1684163102:S=ALNI_MYtdiPH_NDBH2bmSBAW4XrYZUJpXQ
.doubleclick.net/	1970-01-20 21:25:23	Name: IDE Value: AHWqTUn_Uwh4XKfmO5ulJ83Vfm8i8SazsQcZBi-N30_6g-P9yB1GfnqkJv4BGAzDY78
.doubleclick.net/	1970-01-20 11:49:26	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:49:24	Name: test_cookie Value: CheckForPermission
.uuidksinc.net/	1970-01-20 20:34:59	Name: jcsuuid Value: 3OZNSakMde6YOOVLiBi6
.simpli.fi/	1970-01-20 20:36:25	Name: suid Value: 3973224EB4784A72BD55F58D75006413
.linkedin.com/	1970-01-20 20:34:59	Name: bcookie Value: "v=2&86c4529f-71c1-4284-8f9f-7b5a571dc20c"
.linkedin.com/	1970-01-20 11:50:49	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2925:u=1:x=1:i=1684163105:t=1684249505:v=2:sig=AQFNIh8hoWYyHguDXIP-zAIZ5uQnXc8f"
.yahoo.com/	1970-01-20 20:35:20	Name: A3 Value: d=AQABBCFKYmQCEHHuF3_WUHErjTZBv1IsJ-YFEgEBAQGbY2RsZAAAAAAA_eMAAA&S=AQAAAuTi8nNZPlLaW3e2ufQTKS8
.casalemedia.com/	1970-01-20 20:34:59	Name: CMID Value: ZGJKITQIuVqcF.uPbiv8JAAA
.casalemedia.com/	1970-01-20 13:58:59	Name: CMPS Value: 2149
.casalemedia.com/	1970-01-20 13:58:59	Name: CMPRO Value: 2149
.pubmatic.com/	1970-01-20 11:50:49	Name: KTPCACOOKIE Value: YES
.adsrvr.org/	1970-01-20 20:36:25	Name: TDID Value: 272f27e4-cca1-4881-9b52-13ee82cf1b41
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjG0MDM2MLQ0MLU0MjA0NzazNBPiM9T1CDQsMvT3LUgvKXABAJZlN6YlAAAA
.rfihub.com/	1970-01-20 21:10:59	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dU8NqixODPHyCfeP90myNI9PC8wqLQ7iNTSzMDE0MzY0MDU1N3vFiMoHAM8pHm09AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dU8NqixODPHyCfeP90myNI9PC8wqLQYA7aekNB4AAAA
.rfihub.com/	1970-01-20 21:10:59	Name: rud Value: H4sIAAAAAAAA_-MSNjG0MDM2MLQ0MLU0MjA0NzazNBPiM9T1CDQsMvT3LUgvKXABAJZlN6YlAAAA
.pubmatic.com/	1970-01-20 20:34:59	Name: KADUSERCOOKIE Value: 9390EE0C-3CF6-47EA-B06E-2DD959CD9FD8
sync.srv.stackadapt.com/	1970-01-20 20:34:59	Name: sa-user-id Value: s%3A0-f7fae5f5-06e2-5fb9-73b2-d0057ad550b1.GT1MOywuh%2FSPqyhoefeiTrWZjDQ7wZVlR%2BnELp%2FU3ro
sync.srv.stackadapt.com/	1970-01-20 20:34:59	Name: sa-user-id-v2 Value: s%3A9_rl9QbiX7lzstAFetVQsVvvzrg.eNnp9Rj5puyfwj7bWAbqIdEwpYhoh8DZQ6T1fQvXOjY
.srv.stackadapt.com/	1970-01-20 20:34:59	Name: sa-user-id-v2 Value: s%3A9_rl9QbiX7lzstAFetVQsVvvzrg.eNnp9Rj5puyfwj7bWAbqIdEwpYhoh8DZQ6T1fQvXOjY
.adsrvr.org/	1970-01-20 20:36:25	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIvOeVyfnX6jsQBRgFIAEoAjILCPj1zPSP2Oo7EAU4AQ..
.tribalfusion.com/	1970-01-20 13:58:59	Name: ANON_ID Value: alnseFtZdPuem7SpBnAoppLEcMuVgZcHQZbvN4EnBpb0s3JaZaNHeoGHWfR6YRHEvJOQZcr4BIIXj7OV2rUoHxpO1
.adkernel.com/	1970-01-20 12:32:35	Name: ADKUID Value: A6773288195696635852

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.u-pull-it.com/ Message: The resource https://www.u-pull-it.com/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://www.google.com/recaptcha/api2/aframe Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
adservice.google.com
adservice.google.ge
clients1.google.com
cm.g.doubleclick.net
cse.google.com
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb2-useast.e-volution.ai
s.tribalfusion.com
s.uuidksinc.net
ssum-sec.casalemedia.com
sync-dmp.aura-dsp.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
um.simpli.fi
www.awltovhc.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.u-pull-it.com
www.yceml.net
www.youtube.com
match.adsby.bidtheatre.com
sync-dmp.aura-dsp.com
104.102.55.21
104.18.24.173
13.107.42.14
142.250.184.202
142.250.185.130
142.250.185.66
142.250.186.142
142.250.186.162
142.250.186.42
142.250.186.46
142.250.186.68
142.250.186.98
142.250.74.195
172.217.16.130
172.217.16.193
172.217.18.2
172.217.23.99
172.67.178.77
174.137.133.49
185.64.190.78
185.80.39.216
193.0.160.130
31.220.27.135
34.248.1.169
34.91.62.186
35.71.131.137
54.156.183.173
89.207.16.75
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
03807aaaac0c9d143c1cbef4715174878728d4de7f679046d8e0dfd5622504bc
0385ba4f9e7baf0cd4c8eb69afa560a0b0eb355d3e1baa4bd3cc8b2c8e45d5f7
04a59af419c727b7eed2d11125aa0e28a55c5d1695e62619372ef0ab7fdf2019
04f0ae2b2a7c730b22a81b0cdccf7f1ec5e83114b27c1813f6adf4342caa41b1
0723e36ab2b1134f1583758dd4d5de797764e1395624214a1ddfc96eb978a529
083c8bfcda6e3e03f99797b5ec45c24b9b020d30f2a62b5bf2adcf4d8090c9a2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1067d9d607aaa963500f092b2e3f7d61575344353a17d35d8c69d2ea5f038aae
10c5e674c4d3d4191882e8665a62399fbb79c33a4fd2a65db34c9257ef940895
141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
1658873477ef275f79fec84be7fbd506e6c313741a72c837466dda0881a3a876
1771eb1bbefb5dd36c617035bd571186132850d40719434f264ba4a572292405
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19fabe0a716fc7192e5c36c1c710a8e40a19bbe8424895a398a4329756db156a
1c0fbc59729545f7f4ab261f3a132650c123c19621bf26c0805e5fb9faff792c
1ed74090ff9b553fb10ca36e04b040ca2453f7562792e11842c02ab096f06459
20a5182078f2933ddc1b100685cad41a1d4a851b8d53f7147a30350794987a0c
21b6e104886e94d96d6d8e7f0971abd44265e2d37207f21e9c358cb0918335cf
24b2e754190e5438d4adcb9125299a592efba5efeeb050ae63f3a2faec6754f7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b2b0c75ccda36e8210f03c2d4021100adad244fbd747113d1a0a9f0c7cf1000
2b8fb3f001b18d849ad2c634a3bb6d1ac97605af66f0e6b9f431c03d536a26d5
2ba64c567b8f8c2b36e5a5229c4e64e5d193c5b25f784352129bf02424b86bd5
2bda7cc8e45b2fdeed974f32189e2e18aa4c835c6dac03716776fa80a6f034bb
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d096326cd90387efaca9db2096876825f6710c4e7e93d13d1323402aea86d77
2dcfd665cac2dec7b0804afa12986aee4a37865d62f35e0bea9e1227e66517fe
2e50792c494747bdd0bb61bde12e8f0a59c62bfe4aa604120d1a79faf6f2c60f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320e2c6b77730a3e5c9ebb990c15f2f6854780aa383e45b855e3e28b03ed3831
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
334c22ba249eb4730dbca041ffacc28786db90e14ae2ed108fd7be39e340e673
4340fc4f9bb5c66186c8bfc933bf772bb0f5477be581895fed97b472fdb6addb
4528f43753dd54b3b0385ee338bd080b28a721a88d85e66e855af79b9bc19897
4595cbf1de3f332608b02017cbb73fccd2eea5702f98224fdd35763081a64463
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
4945b65208da6182d85c4cc0ef454ec02fbfde7308014ede2cee5373eed9f8ee
4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc
4cf8f95cf06f91c4f38712889d3346811c8bb47ee1fccd444ac6e175ed724f87
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f7835226d801419b3f0a07dffae98dbac8a0e6712eb2220b5db9a1e19608b8
5854b334940a3c9eef3a1b7db648d333357a8c6fe4618bd57234f47676a5fb84
588ee77035cdc1ac68ef654973dfd8299f0a5bdc39cfc20361ab5dab94e486e2
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7811f8f7f874b5c956be0adfc8107262b9c32ed467ce5489397b91e8565710
5fb59593277a8e26c5ab132801c5eb8cb7fb21aefac4c4d87b8fd4e8c966a3e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650a3b4cae5ab950ce1154b28b028ac17a6db00f737953b89fa5b83853fcfddc
66950fa0672eba49adbb93f932eaa7d29810fb2a3aade1ea02fb218b1f718c09
6879326c933451812ba91f3b4a2761c5e8dbc9713359ec2f3f11929e6eff45a3
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
7159d4b1ed477d7bf406009d95c2693358f49833ea398b1567603017cb60f244
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
81cf3fef8d8d686e4bafe815850384dcd1c4a0d5cfc8ae905f9ba10d2bd99a30
81dc264714d2b815a4bc14069390e1e2e9795cbc24b7c65b85b46f523b8830b6
823c1ee4d1067e9cc704ffee49f5f14fb146fa520fd38aa4e53aaac5c120a244
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
873ca7b63d6766c0c2aec95d88a3281162120688519f4a6e4034bd68dc7e17c7
8a17d0931faf82351661f8788fa1f539eebbaafa44fd9c62c0d507d9a2adf8c9
8b8501fed6ab7ec3ac0507f5660f91fec8fb321e7e33c1c8e48817863b0c9493
8c0032b438ad5bb4fd31c79633d42114cde9ae458de99526b9fb8fefa58ed685
8cae44edf97abf5f90ff44b6a43d1ee100d833f40d9a462c4617f72ab19e0c6e
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01
922d7b629a8eaad5cabbb8d73bdfe54bccb57c1506f559a962c062d72c91524c
94573510650d61803843345cbc7605c4fd77f92345c62eb7cba6c437c44986bc
98d6966c3f04e91f48104935197cab3bb0746f020f9dfdb8d4d0e1a5ec15def6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b47daca06c93fa12087b179ea77c156f4eb141ed5bb8edd6e381f95955d3fc2
9f8c758c449a753227f68ccd66966eefc8e53956df37575918e75488170ca908
a0b247111e148fe06143eb6213909fb88cf10f7bee6781b437702f96e3cdacc1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
aaa8365187616ef2c4f580e55ce1b441c2963f87268d66b290c3751bd8549774
aaef932219036e70a117001f3c3b68baa90412d6bb334c9efb8e186ce0b5c18c
ac4be2cb31270a1e2d4a5b5d2d298ee88378b755fc2a662fcf2c62c6c6bd9cf4
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
ae2e2f8b3f0f2912839fbe9c2be57f5126975257335125d6106ff4e210676d9f
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b105bdc15a1d9de8bcea43d01e636f866b89182bd368e4bb792579e3ad085faf
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b8fab3c08dcfe1f49fe68d54a69041c66e41585d91e43f59d28ee98bcde51c95
bacf0700f76fa7fb17cfd78fe44859a5f02cec044ff0e2e9a530f92e08b6e6aa
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
be2825d766868516b6930bdee0ac4a1ccce1d533bc497511f89faa91ac6440bd
bea82a0e496f9ac4fc5a0349674c20fc8733ac9651e2d06d6ece1a63d15ca735
c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e
c31076b3569ccfba6a6c1c0ccda8ffa280aea175b0e4e766ad447f19eee6d937
c40ca0434ff10ce6f9f2276d85415d3e1e63dfab027241ee501b13de17e3acb5
c8eabbb5502fb7a73076383db8e9feaa31a0f14bd82a318e46aceb8144982763
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce77df5077965bde813f47c3d590c677b19d87ed92fc4eaee154ffb736868139
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
d3973fbafd6b6340de1a8f0d37549994d7dbef94de6e49d5e43c5237a43160a5
d46237c406a896dcf55982b5b54d7746f2610e656f2bc9baedab264cc2bb8947
d649b49409131d53cd4d6600084f89ffb4da738452baeb71a694f94fa10f2213
d74604b1cad2711aea8c6f41ac67fa320297c2d980dfdbba32b0fbae942f1267
d7be4681a8b465a0154813ed900269d675350b70bbad9ee6c24414eb7804966c
da220e768d9b100cebab14d87b6460a0dda5e3f67b0e54ab07d5a368ae8b4bcd
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
defa9a9c86073ae29302eb6dffc6a57882461b9c0a95cf0c7a8cf5dc2493f805
e1b9d621ad8eec78bb711d6b0f9730dd21ac6a6570442e9d70119ffb43d1c4a6
e2033ab5933830716738396254615ea30eeed0988cdf8914047d57056debdc28
e26a97b929a1cb24042ea36ccb8a4d3253a51038428a608983b72e979eac7d0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d2b7360a9bf8026dbb7e871f990531ddce0b63c957c91290209253bf5e0435
e6ea6624a776b6c82f56b4d009489d3527d33ec9791dc2c00883c4c53229d371
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7f75ec940ee870089f8d042e01c6617812f70e6b7ebf4b483428cdc914826a
f413d6047013023732d26f684d2cdf52385498f6119991d510fe100ab51a1f7a
f45457d866bd718cde7e184dc909841b02a946eaa210ec6554469f5624c08b72
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6aba7b5e6234e85d6174ebaf76c4564a09eee57ed34bab6d3a468068120f7ad
f7d8d2866ada4db0b5df9f13ac287e5b7420fe99ed2a851eeb6559677d1beabb
f8f828ed4be8ad9e3b01739bdfc4640661762137c1abf4b7280f42c800432fa9
f93e1166c9cd40d33e22febd5edfde97e5f495689782ea116ee63ef7acf2091c
fb4c9bbeed2aa7fc0461b59147e4ad09841b9309030f8a22ffa8a2e7296e2ebc
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fcb29b2c86fc2ed9f60bac1978d630533d808ebda3740ac9f6066910f1946776
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

www.u-pull-it.com Open in urlscan Pro 172.67.178.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

93 %HTTPS

0 %IPv6

27 Domains

35 Subdomains

18 IPs

7 Countries

2737 kBTransfer

7868 kBSize

30 Cookies

4 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.u-pull-it.com Open in urlscan Pro
172.67.178.77 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

93 %
HTTPS

0 %
IPv6

27
Domains

35
Subdomains

18
IPs

7
Countries

2737 kB
Transfer

7868 kB
Size

30
Cookies

200 HTTP transactions
23 data transactions