ykihmski.sayout.net Open in urlscan Pro
2606:4700:3030::ac43:cd5c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ykihmski.sayout.net/
Effective URL:
https://ykihmski.sayout.net/
Submission: On November 08 via api (November 8th 2025, 1:45:29 pm UTC) from US — Scanned from US

Summary HTTP 77 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 2 countries across 17 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3030::ac43:cd5c, located in and belongs to CLOUDFLARENET, US. The main domain is ykihmski.sayout.net.
TLS certificate: Issued by WE1 on October 5th 2025. Valid for: 3 months.

This is the only time ykihmski.sayout.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3030::ac43:cd5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
6	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c21::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::8b	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c23::9c	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4004:c08::65	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c21::9b	15169 (GOOGLE) (GOOGLE)
3	13.248.254.31 13.248.254.31	16509 (AMAZON-02) (AMAZON-02)
1	3.162.3.66 3.162.3.66	16509 (AMAZON-02) (AMAZON-02)
2	108.138.78.140 108.138.78.140	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	199.250.162.129 199.250.162.129	26459 (TTD-ASN-01) (TTD-ASN-01)
1	185.151.204.50 185.151.204.50	205184 (ADJUST-DE...) (ADJUST-DE Adjust GmbH)
3	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c23::63	15169 (GOOGLE) (GOOGLE)
77	27

8 2606:4700:3030::ac43:cd5c (None, )

ASN13335 (CLOUDFLARENET, US)

ykihmski.sayout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sayout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sayout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c0b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c23::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c08::65 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c21::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.254.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac802201f43ccb83c.awsglobalaccelerator.com

enduser.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-66.yul62.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.78.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-78-140.iad12.r.cloudfront.net

v.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9d (Washington, United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.250.162.129 (United States)

ASN26459 (TTD-ASN-01, US)

va6-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.151.204.50 (United States)

ASN205184 (ADJUST-DE Adjust GmbH, DE)

view.adjust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c23::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 750 www.google.com — Cisco Umbrella Rank: 2	77 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 212	312 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 62	24 KB
8	gstatic.com fonts.gstatic.com csi.gstatic.com	68 KB
8	sayout.net ykihmski.sayout.net sayout.net cdn.sayout.net	51 KB
6	adsrvr.org enduser.adsrvr.org — Cisco Umbrella Rank: 1117 v.adsrvr.org — Cisco Umbrella Rank: 5810 va6-bid.adsrvr.org — Cisco Umbrella Rank: 2702	31 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 341 ep2.adtrafficquality.google — Cisco Umbrella Rank: 348	26 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 585	138 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 247	273 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3521	41 KB
1	adjust.com view.adjust.com — Cisco Umbrella Rank: 3219	1021 B
1	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 1057	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 64
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 397	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	136 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 308	8 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 864	31 KB
77	17

	Domain	Requested by
15	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	ykihmski.sayout.net pagead2.googlesyndication.com googleads.g.doubleclick.net ep2.adtrafficquality.google
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	csi.gstatic.com	imasdk.googleapis.com
5	sayout.net	ykihmski.sayout.net
3	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
3	enduser.adsrvr.org	imasdk.googleapis.com
3	cdnjs.cloudflare.com	ykihmski.sayout.net cdnjs.cloudflare.com
2	ep1.adtrafficquality.google	pagead2.googlesyndication.com
2	v.adsrvr.org	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	ykihmski.sayout.net googleads.g.doubleclick.net
2	stackpath.bootstrapcdn.com	ykihmski.sayout.net
2	ykihmski.sayout.net	static.cloudflareinsights.com
1	www.google.com	ep2.adtrafficquality.google
1	view.adjust.com
1	va6-bid.adsrvr.org
1	choices.trustarc.com	googleads.g.doubleclick.net
1	tpc.googlesyndication.com	googleads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	ykihmski.sayout.net
1	cdn.sayout.net	ykihmski.sayout.net
1	www.googletagmanager.com	ykihmski.sayout.net
1	cdn.jsdelivr.net	ykihmski.sayout.net
1	code.jquery.com	ykihmski.sayout.net
77	26

This site contains links to these domains. Also see Links.

Domain
sayout.net

Subject Issuer	Validity	Valid
sayout.net WE1	`2025-10-05` - `2026-01-03`	3 months	crt.sh
bootstrapcdn.com WE1	`2025-11-07` - `2026-02-05`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2025-09-17` - `2025-12-16`	3 months	crt.sh
upload.video.google.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.jquery.com Sectigo Public Server Authentication CA DV E36	`2025-06-12` - `2026-06-26`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2025 Q2	`2025-06-02` - `2026-07-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.google-analytics.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-10-22` - `2026-01-20`	3 months	crt.sh
*.gstatic.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.google.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M03	`2025-02-14` - `2026-03-14`	a year	crt.sh
adtrafficquality.google WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.adjust.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-03-10` - `2026-04-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://ykihmski.sayout.net/
Frame ID: 347CFD01A39D157B8ECF4499885B45A7
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html
Frame ID: 30AEA0D0F4F240EE624F2DDE620C38A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376973141729383&output=html&adk=1812271804&adf=3025194257&lmt=1762609531&plaf=2%3A2%2C7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fykihmski.sayout.net%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1762609531092&bpp=24&bdt=406&idt=195&shv=r20251106&mjsv=m202511050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1033823412465&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095685&oid=2&pvsid=6267734208331786&tmod=1103152537&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: 07B349A42E53A7DB43E97D5005737B36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376973141729383&output=html&h=280&slotname=8625715155&adk=1319669541&adf=745599300&pi=t.ma~as.8625715155&w=1200&fwrn=4&fwrnh=100&lmt=1762609531&rafmt=1&format=1200x280&url=https%3A%2F%2Fykihmski.sayout.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1762609531116&bpp=3&bdt=430&idt=226&shv=r20251106&mjsv=m202511050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1033823412465&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095685&oid=2&pvsid=6267734208331786&tmod=1103152537&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=237
Frame ID: 3892E9D04ED85CA3144CD36E9A5094B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html
Frame ID: 0739E82B560EBE3C8AA278F147C98093
Requests: 26 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 0F24887116EACF1E47C88B588F611E94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 897A5B24617B048CA20B44EBC8BDD06F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ykihmski - SayOut.Net

Page URL History Show full URLs

http://ykihmski.sayout.net/ HTTP 307
https://ykihmski.sayout.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

100 %
HTTPS

81 %
IPv6

17
Domains

26
Subdomains

27
IPs

2
Countries

1224 kB
Transfer

6976 kB
Size

11
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://sayout.net/

Search URL Search Domain Scan URL

URL: https://sayout.net/Home/About
Title: About Us

Search URL Search Domain Scan URL

URL: https://sayout.net/Home/Contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://sayout.net/Account/Register
Title: Register

Search URL Search Domain Scan URL

URL: https://sayout.net/Account/Login
Title: Login

Search URL Search Domain Scan URL

URL: https://sayout.net/Home/Terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://sayout.net/Home/Privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ykihmski.sayout.net/ HTTP 307
https://ykihmski.sayout.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ykihmski.sayout.net/
Redirect Chain

http://ykihmski.sayout.net/
https://ykihmski.sayout.net/

15 KB
6 KB

949ms
868ms

Document
text/html

2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ykihmski.sayout.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cff1d91815a0005af5c3565675cc3a300b993947d53e3d82d141f0afa887dcf7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 99b582d93b4b7288-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 08 Nov 2025 13:45:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Zz2EpGGj%2F3A6orywNqRNmyX%2F6VYVljM2PON5q1%2FUH1w8rOcRA2kYu%2FnM445BDxl7ij2INYoFpynMwRWeuX1VPIwVuJZvc6Jmn4o3tYFy%2F27DyYR3wpqxZhvB%2B2Zw8jY%3D"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfEdge;dur=9,cfOrigin;dur=826 cfExtPri
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://ykihmski.sayout.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 132ms
48ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "816af0eddd3b4822c2756227c7e7b7ee"
age: 622340
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 08/13/2025 18:23:01
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 52b0dcdbe171af092b8b2a2b835d09f2
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.33
cf-ray: 99b582df6dee0f47-EWR
access-control-allow-origin: *
cdn-edgestorageid: 1234
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 117ms
38ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6421d693-4940"
age: 94040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WCcV6Pq4DQ9VxIzFtBI4yvTT0H6WcBo9cVqLhIfGxE8x%2BrByQ%2FHbIy7uGukBqPs32yujRdRAgbMg%2F8PAVZttuj5%2BwJ94kGjHeThNS3c1pLE33if5boXuTRJatjDzr3Bcu4Ksjc4MQ3sT2TMEmB7FkU1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 29 Oct 2026 13:45:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 99b582df68c425d8-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18752
server: cloudflare

GET
H3 200 style.css
sayout.net/ 11 KB
3 KB 52ms
42ms Stylesheet
text/css 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sayout.net/style.css?v=11
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3501fc77110c8be21d9b6cee2b4d7f9ac9b674ac3803b8975571b5aef948abc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "2c19-68ac9b83-4f2471;br"
age: 97444
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OiL%2FDjeTlk1hc7tREmUM5WRqXV6jVeFTgtO82k%2Bs7lPpoEk5Ng0LUnlCKmuxd0%2FOSejYcdZ1oCM8XTPFKvAGMQqKWtH1WleqvMU%2BR48FU9mHXPE7s24%3D"}]}
expires: Sun, 14 Sep 2025 14:06:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
last-modified: Mon, 25 Aug 2025 17:21:07 GMT
content-type: text/css
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99b582defb737288-EWR
accept-ranges: bytes
content-length: 2491
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 153ms
57ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Sans:ital,wght@0,100..700;1,100..700&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

482216daf5b0c317499775d197127ff43a74230f6fbc45729172ae031e476e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 13:45:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:30 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 08 Nov 2025 13:45:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
31 KB 126ms
34ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d84"
age: 3214816
x-cache: HIT, HIT
date: Sat, 08 Nov 2025 13:45:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 201735, 46259
x-served-by: cache-lga21981-LGA, cache-ewr-kewr1740070-EWR
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1762609531.805428,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30879
server: nginx

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 142ms
32ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
age: 1430619
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 08 Nov 2025 13:45:30 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230054-FRA, cache-ewr-kewr1740090-EWR
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7655
x-jsd-version: 1.16.1

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
16 KB 119ms
37ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "02d223393e00c273efdcb1ade8f4f8b1"
age: 438550
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 06/28/2025 02:32:12
cdn-requestpullcode: 200
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f8055960041d168610da94d8154b5c45
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.31
cf-ray: 99b582df6def0f47-EWR
access-control-allow-origin: *
cdn-edgestorageid: 1236
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 ajax.js Show response
sayout.net/ajax/ 5 KB
1 KB 50ms
42ms Script
text/javascript 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sayout.net/ajax/ajax.js?v=4
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d19c6ef2882a3e1933c8e213f25f3bad892a1e999d9157cc13062420a130ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "152d-68a725f7-4f2481;br"
age: 4004
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5ZeoWAXA6hwozIdvFTPpKzKoCpcG93msmZxgBfbvh5s8Iy9hv7cBu%2FDNeq%2Fjb7WsRDQlrDUoa5NeymS435YMV72Z%2BrRvNTYi0wg26F8NDYWxVSzty14%3D"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
last-modified: Thu, 21 Aug 2025 13:58:15 GMT
content-type: text/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99b582defb747288-EWR
accept-ranges: bytes
content-length: 662
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
54 KB 164ms
55ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376973141729383

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af41115cf48df930e638bcdc9da34f5d6644ecb11a0db07baaf10814f492867b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://ykihmski.sayout.net
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
etag: 13688184422607819325
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 13:45:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 08 Nov 2025 13:45:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55213
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 391 KB
136 KB 171ms
63ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-48P48Y8C8F

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb0698bf37a2062ed06aebde3894867b2558183ceed32ec590da25a5376bb24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 08 Nov 2025 13:45:31 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139088
date: Sat, 08 Nov 2025 13:45:31 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 logo.png
sayout.net/ 9 KB
9 KB 36ms
35ms Image
image/png 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://sayout.net/logo.png
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76077c3ca0504b0ececa18ad9f824dc133be4e0cec5f9769fc1aa704edcc9899

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cf-cache-status: HIT
etag: "2228-67e9dbd5-4f2453;;;"
age: 187411
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ujhNOE0PYamXQMmhhrM1TxUHZBmCyCQJBuq3HqNYQsHRjEYcBoig5wTOn8XiGObq5XhfxMmkDgs3wxa1F9oF1hKOYW1G%2F3cjeM8LBKvisesLToDTs7o%3D"}]}
expires: Mon, 22 Sep 2025 22:51:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
last-modified: Mon, 31 Mar 2025 00:03:33 GMT
content-type: image/png
vary: accept-encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99b582e03b837288-EWR
accept-ranges: bytes
content-length: 8744
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 c45a4e0f2c13e67f.jpg
cdn.sayout.net/avatars/ 14 KB
15 KB 214ms
178ms Image
image/jpeg 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.sayout.net/avatars/c45a4e0f2c13e67f.jpg
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1acdd768eb31a779d880dd917a7dac4e380b85778b248ec33a955217554dd708

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cf-cache-status: MISS
etag: "b59cf79ea5fbdd1c395d946a71dd12fd"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zx1xYKAw9F38%2BkurnrvDtLYsyLTIJyJVzJYCyQ5ZQ3RgtwXI0efGeUJWbA%2F7hQTKHhKpxhSDPNp%2BHOOZPH3yxvQlS2ER7eFDD1AsH0qdBZvumTw40X3kNsy3"}]}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 2cAx6og_kxj2YbXPjoCMNUe-33m09rhrc4NkIEN6scAn4V9FPQ3F0A==
date: Sat, 08 Nov 2025 13:45:30 GMT
content-type: image/jpeg
last-modified: Sat, 08 Nov 2025 09:41:27 GMT
vary: accept-encoding
priority: u=2,i
server-timing: cfExtPri
cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
via: 1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
cf-ray: 99b582df2b787288-EWR
accept-ranges: bytes
content-length: 14272
x-amz-cf-pop: JFK50-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 logo-purple.png
sayout.net/ 14 KB
14 KB 45ms
38ms Image
image/png 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://sayout.net/logo-purple.png
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c34c217b526a2721d31cd4730598bcd337788d6473faf4a86fdd0dd97ef658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cf-cache-status: HIT
etag: "37a2-687fd43e-4fc622;;;"
age: 549521
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CkGGYeu1yQ2lZakoqSpDdykKuSj0nHD%2B1MAVxUMUTFXvAjU40FEWMC916xzcc6PZDCiU6GirEAB7xwNLkO6HCiUf2IxbIKbKHdZnzWeaGCZgL37d1dg%3D"}]}
expires: Sun, 12 Oct 2025 02:52:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:30 GMT
last-modified: Tue, 22 Jul 2025 18:11:10 GMT
content-type: image/png
vary: accept-encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99b582defb757288-EWR
accept-ranges: bytes
content-length: 14242
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 129ms
44ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://ykihmski.sayout.net
Referer: https://ykihmski.sayout.net/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 99b582e0d862c52b-EWR
access-control-allow-origin: *
date: Sat, 08 Nov 2025 13:45:31 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v34/ 28 KB
28 KB 109ms
33ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v34/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Josefin+Sans:ital,wght@0,100..700;1,100..700&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21efe1559a026f9ad7f880772917faa3a621186688e8e79e0568e4308c0bafa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://ykihmski.sayout.net
Referer: https://fonts.googleapis.com/

Response headers

age: 70771
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 07 Nov 2026 18:06:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 07 Nov 2025 18:06:00 GMT
last-modified: Thu, 04 Sep 2025 17:12:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28528
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 97ms
96ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://ykihmski.sayout.net
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-24a6c"
age: 72620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e86PpV2aJKAgDzZwxxi7s4lJSV8REj3pCtuV2c7VkHzZ5WqjZnrOuzRBdHVXjhfU998BXhweiMhfWkE6OWmzFbH9lT9vfKZjdVwa7vz4OlHm8BVcsS8vuyKoNhxaag7II1MAsEE653gBQNoyShnmjUio"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 29 Oct 2026 13:45:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:31 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 99b582e0b85fc3ab-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 150124
server: cloudflare

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 105 KB
106 KB 54ms
53ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://ykihmski.sayout.net
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-1a5f4"
age: 441329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhWFalJBgtxtbNlyIDEcBXosSN6EOosd%2B9cM%2FToKKqAwCCy%2FCTtoV5Chg4ux4RIy8ZySK6MCbWaIA005fEaTLgdAMuB1Fx0z96DFK4a2E39%2B3%2Fkqohp2yZff19Qdak2KO6t%2BNF0reJfXTQ95jjBCnAUo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 29 Oct 2026 13:45:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:31 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 99b582e0b861c3ab-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108020
server: cloudflare

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/ 500 KB
165 KB 73ms
72ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376973141729383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77c000689eddb29065be773172411f8adf47c844d241ee5ef1fd1aae6da521a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
etag: 2812027845815057387
age: 13679
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 09:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 08 Nov 2025 09:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 169265
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 146ms
50ms Fetch
text/plain 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-48P48Y8C8F&gtm=45je5b50v875551238za200zd875551238&_p=1762609530904&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=337485421.1762609531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480709~115583767~115616985~115938465~115938469~116217636~116217638&sid=1762609531&sct=1&seg=0&dl=https%3A%2F%2Fykihmski.sayout.net%2F&dt=ykihmski%20-%20SayOut.Net&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1551
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48P48Y8C8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ykihmski.sayout.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:31 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/ Frame 30AE 8 KB
4 KB 143ms
36ms Document
text/html 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ykihmski.sayout.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 55695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Nov 2025 22:17:16 GMT
etag: 7188602577369524748
expires: Fri, 21 Nov 2025 22:17:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-md%20navbar-dark%20bg-sabr%20mb-3%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ykihmski.sayout.net
URL: https://ykihmski.sayout.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 08 Nov 2025 13:45:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07B3 95 KB
19 KB 471ms
382ms Document
text/html 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376973141729383&output=html&adk=1812271804&adf=3025194257&lmt=1762609531&plaf=2%3A2%2C7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fykihmski.sayout.net%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1762609531092&bpp=24&bdt=406&idt=195&shv=r20251106&mjsv=m202511050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1033823412465&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095685&oid=2&pvsid=6267734208331786&tmod=1103152537&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bd97659a3e0d9b074935e8b9751b38743ed272002b4bda259cfb1f464b9ae2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ykihmski.sayout.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Nov 2025 13:45:31 GMT
expires: Sat, 08 Nov 2025 13:45:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3892 2 KB
1020 B 248ms
195ms Document
text/html 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376973141729383&output=html&h=280&slotname=8625715155&adk=1319669541&adf=745599300&pi=t.ma~as.8625715155&w=1200&fwrn=4&fwrnh=100&lmt=1762609531&rafmt=1&format=1200x280&url=https%3A%2F%2Fykihmski.sayout.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1762609531116&bpp=3&bdt=430&idt=226&shv=r20251106&mjsv=m202511050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1033823412465&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095685&oid=2&pvsid=6267734208331786&tmod=1103152537&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=237

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37d6a57b8c0b0d73e9f7816ba9ebda9941d270a69ef1193133a3be3249cc2fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ykihmski.sayout.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 996
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Nov 2025 13:45:31 GMT
expires: Sat, 08 Nov 2025 13:45:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 40ms
38ms Fetch
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ykihmski.sayout.net/

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/ 190 KB
63 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/reactive_library_fy2021.js?bust=31095685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6602301a459f7d662125825fc5d7116917bc9c5222780029eec6821d78a86b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
etag: 2396161956666253808
age: 75519
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 16:46:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 07 Nov 2025 16:46:52 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 64920
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-1376973141729383 Show response
fundingchoicesmessages.google.com/i/ 210 KB
68 KB 186ms
75ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1376973141729383?href=https%3A%2F%2Fykihmski.sayout.net&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b5ed3a51c80089872c540f383dbfacb9ad345dc0ecb4265cbda8c7b9ff27911

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2l-NgdgDYdeFGfn1_Ta0ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:31 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBiOHHrNtMFIG69eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCbHrzF6g7EZn63We2AuNrdi60ZiG39fdhcgXjff1-2Y0AsxMPxe9LeE2wCD048ucqspJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpoaGCmZ2AcX2AAABzXQqU"
content-security-policy: script-src 'report-sample' 'nonce-2l-NgdgDYdeFGfn1_Ta0ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 150ms
45ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RCSwOiHnruw.es5.O/d=1/rs=AJlcJMzLvgdTMMxggNEKoi5wG9a0b2R1Fw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v9g4-J-Y89zWLVezub1iCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6OP5P2nmAT-DBvRrSSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0NDDTMzCLLzAAAHisK0k"
content-security-policy: script-src 'report-sample' 'nonce-v9g4-J-Y89zWLVezub1iCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 152ms
49ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J9X1PHnmH6mOCIScpvJjFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6OP5P2nmATmPD-RoySS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0NDDTMzCLLzAAAIoEK4M"
content-security-policy: script-src 'report-sample' 'nonce-J9X1PHnmH6mOCIScpvJjFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 148ms
47ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7x9eMGz87U3D6txkWOtPRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6OP5P2nmATmLDwa7SSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0NDDTMzCLLzAAAHaKK0Y"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7x9eMGz87U3D6txkWOtPRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxW6YVqFPlC7EgJ3IYJvoKc69XNMA5YZY0nfZW_m2t3ejeTaeXUQhdZ1fmAsZPc2fWsrZEdxvqo0VlFMOPNKMpCJf-0vG67CXYORPyrvN8oIQL6XlpWfVklki-rCHCUugfRnAwKaug== Show response
fundingchoicesmessages.google.com/f/ 2 KB
2 KB 55ms
54ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW6YVqFPlC7EgJ3IYJvoKc69XNMA5YZY0nfZW_m2t3ejeTaeXUQhdZ1fmAsZPc2fWsrZEdxvqo0VlFMOPNKMpCJf-0vG67CXYORPyrvN8oIQL6XlpWfVklki-rCHCUugfRnAwKaug==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYyNjA5NTMyLDkxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3lraWhtc2tpLnNheW91dC5uZXQvIixudWxsLFtbOCwiUkNTd09pSG5ydXciXSxbOSwiZW4tVVMiXSxbMjMsIjE3NjI2MDk1MzEiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwiIl0sWzI5LCJmYWxzZSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

608ba252ac83934c2a7ecd6387d5812a131aa4fdeca56d3bb594c1f26fd5af1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qLgale59QOGa0BnsAjBtSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBiaL15jnU6EHctOs86B4gNFS6xOgPxh_rLrD-AuEjiCmsLEH-qusEqUn2DNYn9JmsJEJsevMXqDsRmfrdZ7YC42t2LrRmIbf192FyBeN9_X7ZjQCzEzfFn0t4TbAI3ft20UdJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDQw0zMwji8wAAC6Iz0j"
content-security-policy: script-src 'report-sample' 'nonce-qLgale59QOGa0BnsAjBtSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/ Frame 0739 8 KB
0 0ms
0ms Document
text/html 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ykihmski.sayout.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 55695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Nov 2025 22:17:16 GMT
etag: 7188602577369524748
expires: Fri, 21 Nov 2025 22:17:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0739 21 KB
2 KB 146ms
56ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6182b1cbcd08174f2dc7eb2d65036aa68cd510971385d1f5cf7d5aea1c72604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 13:45:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 08 Nov 2025 12:17:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/ Frame 0739 15 KB
3 KB 150ms
43ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 62229
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Sat, 07 Nov 2026 20:28:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 07 Nov 2025 20:28:23 GMT
last-modified: Mon, 27 Oct 2025 10:37:46 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2920
x-xss-protection: 0
server: sffe

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/ Frame 0739 380 KB
132 KB 150ms
43ms Script
text/javascript 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6508c96e32ad5e667aca92b92341b14c4133abf04cea7dfd244d5c7745b15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 3948
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Sun, 08 Nov 2026 12:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 12:39:44 GMT
last-modified: Mon, 27 Oct 2025 10:37:46 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 134737
x-xss-protection: 0
server: sffe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 0739 20 KB
9 KB 161ms
42ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 11924741404489600640
age: 5535
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 12:13:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 08 Nov 2025 12:13:17 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8624
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxX0qmgtwWDYA4upAbnMGreWS9eA-bFzRJ8nbU57XSOTzDhyJYI7xPsT7XMhGYo3_Y1Bsx5yHT-8VAJZAt0dzUaQfh3J7O0El2vxHNFBxNH96EJ6cRJO93CBJP2gvVCvIU4ysYLkTg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
52ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX0qmgtwWDYA4upAbnMGreWS9eA-bFzRJ8nbU57XSOTzDhyJYI7xPsT7XMhGYo3_Y1Bsx5yHT-8VAJZAt0dzUaQfh3J7O0El2vxHNFBxNH96EJ6cRJO93CBJP2gvVCvIU4ysYLkTg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0VYrufd_Zu1WdlkUnBHNOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6OP5P2nmATODDveLSSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0NDDTMzCLLzAAAHtFK08"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0VYrufd_Zu1WdlkUnBHNOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVju7d8JpnsXdG4xlb84gQCk5TKii7pf80pHwYIsAtAssDimkIbTjMFzTvE1yQD3JHo4GPQo6D-0yba3d9tfjyd98RTwxXbigTLNSxYM9nRDJ7oH_sHc0qM2V8Q6Ytyf1uKeNWsTg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 79ms
79ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVju7d8JpnsXdG4xlb84gQCk5TKii7pf80pHwYIsAtAssDimkIbTjMFzTvE1yQD3JHo4GPQo6D-0yba3d9tfjyd98RTwxXbigTLNSxYM9nRDJ7oH_sHc0qM2V8Q6Ytyf1uKeNWsTg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYyNjA5NTMyLDE2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8veWtpaG1za2kuc2F5b3V0Lm5ldC8iLG51bGwsW1s4LCJSQ1N3T2lIbnJ1dyJdLFs5LCJlbi1VUyJdLFsyMywiMTc2MjYwOTUzMSJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2f07170cf237b0bbab4611e084b7bdc767abc86a72c81ec6e773bed8437951c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cg1B4za8tunfdt4yj2ebtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBiaL15jnU6EHctOs86B4gNFS6xOgPxh_rLrD-AuEjiCmsLEH-qusEqUn2DNYn9JmsJEJsevMXqDsRmfrdZ7YC42t2LrRmIbf192FyBeN9_X7ZjQCzEzfFn0t4TbAIb1qzIVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDQw0zMwji8wAACoAjyv"
content-security-policy: script-src 'report-sample' 'nonce-Cg1B4za8tunfdt4yj2ebtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 csi
csi.gstatic.com/ Frame 0739 0
534 B 174ms
58ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~mhqc7ffe&c=2896544856535&slotId=1448272428267&qqid=CIyk_5fY4pADFQW4AwEdQ5IEgA&fb=outstream-lima&sei=44752538%2C95363795%2C420706098%2C789179015%2C798227501&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v49/ Frame 0739 39 KB
39 KB 116ms
29ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/

Response headers

age: 76521
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 07 Nov 2026 16:30:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 07 Nov 2025 16:30:11 GMT
last-modified: Mon, 08 Sep 2025 18:08:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0739 0
20 B 150ms
39ms Image
image/gif 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cv3Hve0kPacz6GoXwjrgPw6SSgAi-p-f2dPb-j45XwI23ARABIO65205gyQbIAQWoAwHIAwKqBPYBT9Cm_tRrAFXyDbtvYNr1K_wtViSZXtIshobtwqbXUA6VW4DMzyND2cdFjAtaERZ4SrxTi0DcFiVUZuXbvm6OtOePCv71DPgC0CCwz2f00ht-uS4tuImSL03OGntbTxTPtAWlQDpb_YkPODTCOM_Qircb0et4yENa36ipbG6twcYkA7URdqmGrMk0x8SwJQsWTKQQw3LssWP0dJLWQDzNqfxvbFGNWMcR3uZWIVJLHUpB8vL7F2BTCeLxByIUtwEijybJbS-XMG7Q-nM10qcS6qw-wavZgseb74qrF7Ro1qGW9O6nZeHPOca0G-XGkwweLbfS5D8egAb134C0lKCd3cMBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNX__pfY4pAD-gsCCAGADAGqDQJVU-oNEwjHn5KY2OKQAxUFuAMBHUOSBICIDgnQFQGAFwGyFwQYDFAB&eventType=clickstring&clientTime=1762609532404&ai=Cv3Hve0kPacz6GoXwjrgPw6SSgAi-p-f2dPb-j45XwI23ARABIO65205gyQbIAQWoAwHIAwKqBPYBT9Cm_tRrAFXyDbtvYNr1K_wtViSZXtIshobtwqbXUA6VW4DMzyND2cdFjAtaERZ4SrxTi0DcFiVUZuXbvm6OtOePCv71DPgC0CCwz2f00ht-uS4tuImSL03OGntbTxTPtAWlQDpb_YkPODTCOM_Qircb0et4yENa36ipbG6twcYkA7URdqmGrMk0x8SwJQsWTKQQw3LssWP0dJLWQDzNqfxvbFGNWMcR3uZWIVJLHUpB8vL7F2BTCeLxByIUtwEijybJbS-XMG7Q-nM10qcS6qw-wavZgseb74qrF7Ro1qGW9O6nZeHPOca0G-XGkwweLbfS5D8egAb134C0lKCd3cMBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNX__pfY4pAD-gsCCAGADAGqDQJVU-oNEwjHn5KY2OKQAxUFuAMBHUOSBICIDgnQFQGAFwGyFwQYDFAB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 08 Nov 2025 13:45:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 0739 0
57 B 157ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~mhqc7fg7&c=2896544856535&slotId=1448272428267&qqid=CIyk_5fY4pADFQW4AwEdQ5IEgA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.uo&vast_v=4.0&vmfc=13&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 / Show response
enduser.adsrvr.org/enduser/vast/ Frame 0739 30 KB
30 KB 124ms
33ms XHR
text/xml 13.248.254.31
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://enduser.adsrvr.org/enduser/vast/?t=1&iid=77bdb4d0-1549-40ef-9148-50272543ce16&crid=2s2eorp1&wp=aQ9JewAGvUwBA7gFAASSQ2lRmxSy8pqXZ06rwQ&aid=1&wpc=USD&sfe=1b46c97b&puid=&bdc=71&tdid=&pid=sg2o27m&ag=gxjcyo1&adv=il3m38e&sig=134qN4G53R7tw26XNK3ed_xyXGHsTuRbx8YfT9diyFTQ.&bp=0.351449576520211&cf=9217049&fq=0&td_s=ykihmski.sayout.net&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=150&agsa=&rgz=81210&svbttd=1&dt=PC&osf=Linux&os=Other&br=Chrome&rlangs=en&mlang=&svpid=pub-1376973141729383&did=&rcxt=Other&lat=38.790000&lon=-106.530000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&testid=Google-ORtb-Migration&vpb=Standalone&dc=71&vcc=EKwCGKwCMgIIAjoECAEIAkABUASgAe0HqAF8yAEB0AED6AEMgAIDigIMCAIIAwgHCAUIBggImgICCAegAgKoAgGwAgC4AgDAAgbYAgDgAgD1AgAAAAA.&sv=google&pidi=3634&advi=631622&cmpi=5725406&agi=25274335&cridi=49925941&svi=1&tid=1&cmp=3abl6xc&vrtd=14,15&feo=neogoogle&srca=1&rurl=https%3a%2f%2fykihmski.sayout.net%2f&tsig=A6-nbuYje1gOf0aUJmXQpwEj_8J_08exj8W4mpILpw8.&cc=1~KLUv_WNa1XJFHgDlBwDDzjisgTxvII83gOcN3LUG7FoD1l-Bu94eAohYAnksgTxbBHY_AFWEAbuFAXYBBlgbDIDiCln3D6BzhR7cP2DIBAF4XgAUHwBSL0CeDzBElADhb1KKkgvc0uS3IPmtO7-VxG8F8VqoWC1QXgtTL4wWpF4YLUQE0GjllUBb0VVm5qJLLe3rS6yolvbFwoDWjqw0Psvqs6Bk6cBS5LGgeKwkLDBHT5jl_p-qng8S67t7jcj3CMMv8s3ymfEfkv95v71752PLgYrnUejXb8hVgRWU4E8YBQtnJJQUEPEJQQk4OGjysAzAAQb8QSv0j4H0WQGtHE01K1jEc2JZYCU.&dur=1~KLUv_SMFoCgkha0AAChNPE5VQAR8AK35DfAM-hZ6H8PhAw..&durs=izMzUI&crrelr=&adpt=neog&fpa=414&pcm=3&vc=12&said=hwyUj4H_-xzv6AKLiC3Q0Q&ict=Unknown&auct=1&cxlvs=0&im=1&mc=a85a4d82-6348-47ff-86ff-ddcf1f057dd8&ev=BWBoYB584bEvXeqkc_FymWsgrgPS1yli9qJbgS5Hxkg.&rsv=0.000000419302694106571&abr=4f21563d-7b1d-44d9-9cad-54cd886bad1a&tail=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.254.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac802201f43ccb83c.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 4cbf79a1ea309d67dc27e799645843dd0585bf6de2ac1e60fb2c7d6f2187b42c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

access-control-allow-origin: https://googleads.g.doubleclick.net
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/xml
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0739 0
0 44ms
43ms Fetch
text/html 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkqObe0kPacz6GoXwjrgPw6SSgAi-p-f2dPb-j45XwI23ARABIO65205gyQbIAQWoAwGqBPMBT9Cm_tRrAFXyDbtvYNr1K_wtViSZXtIshobtwqbXUA6VW4DMzyND2cdFjAtaERZ4SrxTi0DcFiVUZuXbvm6OtOePCv71DPgC0CCwz2f00ht-uS4tuImSL03OGntbTxTPtAWlQDpb_YkPODTCOM_Qircb0et4yENa36ipbG6twcYkA7URdqmGrMk0x8SwJQsWTKQQw3LssWP0dJLWQDzNqfxvbFGNWMcR3uZWIVJLHUpB8vL7F2BTCeLxByIUtwEijybJbS-XMG7Q-nM10qdQ6IysBzEw821yvkF9d0qWW6y-_cC_gTwBWThAn8rqi8ig3MZ4gAb134C0lKCd3cMBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNX__pfY4pADgAoB-gsCCAGADAGqDQJVU-oNEwjHn5KY2OKQAxUFuAMBHUOSBICIDgnQFQGAFwGyFx4KGBIUcHViLTEzNzY5NzMxNDE3MjkzODMYABgMUAE&sigh=A5k0XcXj_v8&uach_m=%5BUACH%5D&cid=CAQSvgEAwksa0Xgao7sxPMDO0s2qTaAXO2echJ47Qdy__jo0Xk9_0qI1TyWYdpUc9fKMy4jcjLbKoEIbOBY7E4ZIGC4jM6Rt9gaWl2DHnq8OVsKdLsavvv6lOigCitvrx-1BjAGBi-bcVp-Y3BGC7PzZx_C4B9FfbJdUtjFYYZlEwnzg4BDZ7Q4053pmyTI_YS9xVzkM8OtIadcCL2gzQwsVX_r3zVewsSfGG_w1BKVPQ0_2_uxXmVJc8pa_R5SmPcgCGAE&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 13:45:32 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 08 Nov 2025 13:45:32 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
DATA 200
OK truncated
/ Frame 0739 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b8c3df18d38f9cb9d1a016d15cb2ac6f42d7fe6b8dad1227df9b04a3d83960c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0739 0
57 B 40ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~mhqc7fgq&c=2896544856535&slotId=1448272428267&qqid=CIyk_5fY4pADFQW4AwEdQ5IEgA&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x77
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 get
choices.trustarc.com/ Frame 0739 739 B
1 KB 221ms
89ms Image
image/png 3.162.3.66
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-66.yul62.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 1667402
expires: Wed, 19 Nov 2025 06:35:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: OsU_I9D9A6QR9CqUfcdNyM81ZVDH52TaNI0LDKMaadNi6SgqqjzN8A==
date: Mon, 20 Oct 2025 06:35:30 GMT
content-type: image/png
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
vary: accept-encoding
cache-control: max-age=2592000
timing-allow-origin: *
pragma: public
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 739
x-amz-cf-pop: YUL62-P2
server: nginx

POST
H2 204 csi
csi.gstatic.com/ Frame 0739 0
57 B 80ms
79ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~mhqc7fkk&c=2896544856535&slotId=1448272428267&qqid=CIyk_5fY4pADFQW4AwEdQ5IEgA&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=1984&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&vsrc=none&hcn=0&met.4=arp_a_e.ys~videopreviewvisible.z8&ua_e=1&umsem=0&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H/1.1 206
Partial Content 2s2eorp1_1_11.mp4
v.adsrvr.org/sg2o27m/il3m38e/1wmhprt4/ Frame 0739 4 MB
0 161ms
38ms Media
video/mp4 108.138.78.140
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://v.adsrvr.org/sg2o27m/il3m38e/1wmhprt4/2s2eorp1_1_11.mp4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.78.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-78-140.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

ETag: "a9ded5248ea869cb71766f4f400f74b4-3"
Age: 29467
Connection: keep-alive
Content-Range: bytes 0-11754467/11754468
Via: 1.1 db50275fc6a3d1f557e22016322e2ba2.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 11754468
X-Amz-Cf-Id: MGgupYG3-Qei8B9ZrT6H5BOsymx3pE9At3dAxMRhjHl0j7ZjCKlbwQ==
Date: Sat, 08 Nov 2025 05:34:26 GMT
Content-Type: video/mp4
Last-Modified: Wed, 29 Oct 2025 02:35:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD12-P2
x-amz-server-side-encryption: AES256

POST
H2 204 csi
csi.gstatic.com/ Frame 0739 0
57 B 68ms
68ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~mhqc7fl5&c=2896544856535&slotId=1448272428267&qqid=CIyk_5fY4pADFQW4AwEdQ5IEgA&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=1984&mt=video%2Fmp4&vs=1280x720&ple=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fenduser.adsrvr.org%252Fenduser%252Fvast%252F%253Ft%253D1%2526iid%253D77bdb4d0-1549-40ef-9148-50272543ce16%2526crid%253D2s2eorp1%2526wp%253DaQ9JewAGvUwBA7gFAASSQ2lRmxSy8pqXZ06rwQ%2526aid%253D1%2526wpc%253DUSD%2526sfe%253D1b46c97b%2526puid%253D%2526bdc%253D71%2526tdid%253D%2526pid%253Dsg2o27m%2526ag%253Dgxjcyo1%2526adv%253Dil3m38e%2526sig%253D134qN4G53R7tw26XNK3ed_xyXGHsTuRbx8YfT9diyFTQ.%2526bp%253D0.351449576520211%2526cf%253D9217049%2526fq%253D0%2526td_s%253Dykihmski.sayout.net%2526rcats%253D%2526mste%253D%2526mfld%253D2%2526mssi%253D%2526mfsi%253D%2526uhow%253D150%2526agsa%253D%2526rgz%253D81210%2526svbttd%253D1%2526dt%253DPC%2526osf%253DLinux%2526os%253DOther%2526br%253DChrome%2526rlangs%253Den%2526mlang%253D%2526svpid%253Dpub-1376973141729383%2526did%253D%2526rcxt%253DOther%2526lat%253D38.790000%2526lon%253D-106.530000%2526tmpc%253D%2526daid%253D%2526vp%253D0%2526osi%253D%2526osv%253D%2526bffi%253D41%2526testid%253DGoogle-ORtb-Migration%2526vpb%253DStandalone%2526dc%253D71%2526vcc%253DEKwCGKwCMgIIAjoECAEIAkABUASgAe0HqAF8yAEB0AED6AEMgAIDigIMCAIIAwgHCAUIBggImgICCAegAgKoAgGwAgC4AgDAAgbYAgDgAgD1AgAAAAA.%2526sv%253Dgoogle%2526pidi%253D3634%2526advi%253D631622%2526cmpi%253D5725406%2526agi%253D25274335%2526cridi%253D49925941%2526svi%253D1%2526tid%253D1%2526cmp%253D3abl6xc%2526vrtd%253D14%252C15%2526feo%253Dneogoogle%2526srca%253D1%2526rurl%253Dhttps%25253a%25252f%25252fykihmski.sayout.net%25252f%2526tsig%253DA6-nbuYje1gOf0aUJmXQpwEj_8J_08exj8W4mpILpw8.%2526cc%253D1~KLUv_WNa1XJFHgDlBwDDzjisgTxvII83gOcN3LUG7FoD1l-Bu94eAohYAnksgTxbBHY_AFWEAbuFAXYBBlgbDIDiCln3D6BzhR7cP2DIBAF4XgAUHwBSL0CeDzBElADhb1KKkgvc0uS3IPmtO7-VxG8F8VqoWC1QXgtTL4wWpF4YLUQE0GjllUBb0VVm5qJLLe3rS6yolvbFwoDWjqw0Psvqs6Bk6cBS5LGgeKwkLDBHT5jl_p-qng8S67t7jcj3CMMv8s3ymfEfkv95v71752PLgYrnUejXb8hVgRWU4E8YBQtnJJQUEPEJQQk4OGjysAzAAQb8QSv0j4H0WQGtHE01K1jEc2JZYCU.%2526dur%253D1~KLUv_SMFoCgkha0AAChNPE5VQAR8AK35DfAM-hZ6H8PhAw..%2526durs%253DizMzUI%2526crrelr%253D%2526adpt%253Dneog%2526fpa%253D414%2526pcm%253D3%2526vc%253D12%2526said%253DhwyUj4H_-xzv6AKLiC3Q0Q%2526ict%253DUnknown%2526auct%253D1%2526cxlvs%253D0%2526im%253D1%2526mc%253Da85a4d82-6348-47ff-86ff-ddcf1f057dd8%2526ev%253DBWBoYB584bEvXeqkc_FymWsgrgPS1yli9qJbgS5Hxkg.%2526rsv%253D0.000000419302694106571%2526abr%253D4f21563d-7b1d-44d9-9cad-54cd886bad1a%2526tail%253D1&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 137ms
48ms XHR
application/json 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20251106&st=env&sjk=6267734208331786

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b555ad9ae9a329a40815dc4253a289bb09e702ea3bdae7df4cc2f2d7da99f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13557
date: Sat, 08 Nov 2025 13:45:32 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 /
enduser.adsrvr.org/enduser/video/ Frame 0739 0
56 B 43ms
37ms Image
text/plain 13.248.254.31
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://enduser.adsrvr.org/enduser/video/?ve=start&imp=77bdb4d0-1549-40ef-9148-50272543ce16&ag=gxjcyo1&crid=2s2eorp1&cf=9217049&fq=0&t=1&td_s=ykihmski.sayout.net&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=150&agsa=&wp=aQ9JewAGvUwBA7gFAASSQ2lRmxSy8pqXZ06rwQ&rgz=81210&dt=PC&osf=Linux&os=Other&br=Chrome&svpid=pub-1376973141729383&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=Standalone&crrelr=&npt=&cc=2~KLUv_WMdqREM6QH1CQCDTC-3XFtUbk1Uji0qx6WpFdZgyZ1rmi-d2xjMK0lNVsmeWyAa35z6ZdjfTuM1zyzKo3q53ERM8bhk6MmakRiN3EzpeSABAXL-8MK1M2MKCzBy7i2LxJ2N5Wp1aEKaKbbNKidQWZEiAuM3OCnB1AUQro3X2s5dn7ssmdmzZkkHPufyfeth9aFb1mt0q1e3ls3qU7lsbiMkIpIlLZZSo75clX94NWghJ5Awjm55pjYZp6fBAC8hjtdEJACG2TBY2gIm_EBtMefVAiOqd5MHrp5OHcHWD9s0t_DFJlBWnKxq_OI_UUMle_cYrPz94JBjwgz21xgXV2BSog6UvqqL2cQvhK1wjyw3wTybH0RCRdkn2hxpT5FRxyZUYZVovZ9f1SY0vU37_Og1hOc4Q0dfN-6xziUtub16j1oBciwyRhE.&dur=1~KLUv_SMFoCgkha0AAChNPE5VQAR8AK35DfAM-hZ6H8PhAw..&durs=izMzUI&bdc=71&testid=Google-ORtb-Migration&adpt=neog&fpa=414&pcm=3&ict=Unknown&said=hwyUj4H_-xzv6AKLiC3Q0Q&auct=1&cxlvs=0&sfe=1b46c97c&vp=0&ast=https%3A%2F%2Fv.adsrvr.org%2Fsg2o27m%2Fil3m38e%2F1wmhprt4%2F2s2eorp1_1_11.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.254.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac802201f43ccb83c.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 08 Nov 2025 13:45:32 GMT
server: Kestrel

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0739 42 B
64 B 48ms
44ms Image
image/gif 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cv3Hve0kPacz6GoXwjrgPw6SSgAi-p-f2dPb-j45XwI23ARABIO65205gyQbIAQWoAwHIAwKqBPYBT9Cm_tRrAFXyDbtvYNr1K_wtViSZXtIshobtwqbXUA6VW4DMzyND2cdFjAtaERZ4SrxTi0DcFiVUZuXbvm6OtOePCv71DPgC0CCwz2f00ht-uS4tuImSL03OGntbTxTPtAWlQDpb_YkPODTCOM_Qircb0et4yENa36ipbG6twcYkA7URdqmGrMk0x8SwJQsWTKQQw3LssWP0dJLWQDzNqfxvbFGNWMcR3uZWIVJLHUpB8vL7F2BTCeLxByIUtwEijybJbS-XMG7Q-nM10qcS6qw-wavZgseb74qrF7Ro1qGW9O6nZeHPOca0G-XGkwweLbfS5D8egAb134C0lKCd3cMBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNX__pfY4pAD-gsCCAGADAGqDQJVU-oNEwjHn5KY2OKQAxUFuAMBHUOSBICIDgnQFQGAFwGyFwQYDFAB&sigh=TvRVdMjXQog&label=part2viewed&ad_mt=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sat, 08 Nov 2025 13:45:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK neogoogle
va6-bid.adsrvr.org/bid/feedback/ Frame 0739 807 B
1 KB 131ms
29ms Image
image/gif 199.250.162.129
TTD-ASN-01

General

Check archive.org

Download Go to Show image

Full URL: https://va6-bid.adsrvr.org/bid/feedback/neogoogle?t=1&iid=77bdb4d0-1549-40ef-9148-50272543ce16&crid=2s2eorp1&wp=aQ9JewAGvUwBA7gFAASSQ2lRmxSy8pqXZ06rwQ&aid=1&wpc=USD&sfe=1b46c97b&puid=&bdc=71&tdid=&pid=sg2o27m&ag=gxjcyo1&adv=il3m38e&sig=134qN4G53R7tw26XNK3ed_xyXGHsTuRbx8YfT9diyFTQ.&bp=0.351449576520211&cf=9217049&fq=0&td_s=ykihmski.sayout.net&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=150&agsa=&rgz=81210&svbttd=1&dt=PC&osf=Linux&os=Other&br=Chrome&rlangs=en&mlang=&svpid=pub-1376973141729383&did=&rcxt=Other&lat=38.790000&lon=-106.530000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&testid=Google-ORtb-Migration&vpb=Standalone&cc=1~KLUv_WNa1XJFHgDlBwDDzjisgTxvII83gOcN3LUG7FoD1l-Bu94eAohYAnksgTxbBHY_AFWEAbuFAXYBBlgbDIDiCln3D6BzhR7cP2DIBAF4XgAUHwBSL0CeDzBElADhb1KKkgvc0uS3IPmtO7-VxG8F8VqoWC1QXgtTL4wWpF4YLUQE0GjllUBb0VVm5qJLLe3rS6yolvbFwoDWjqw0Psvqs6Bk6cBS5LGgeKwkLDBHT5jl_p-qng8S67t7jcj3CMMv8s3ymfEfEvPn_fbunY8tByqeR6FfvyFXBVZQgj9hFCyckVBSQMQnBCXg4KDJwzIABwb8QSv0j4H0WQGtHE01K1jEc2JZYCU.&dur=1~KLUv_SMFoCgkha0AAChNPE5VQAR8AK35DfAM-hZ6H8PhAw..&durs=izMzUI&crrelr=&adpt=neog&fpa=414&pcm=3&vc=12&said=hwyUj4H_-xzv6AKLiC3Q0Q&ict=Unknown&auct=1&cxlvs=0&im=1&mc=a85a4d82-6348-47ff-86ff-ddcf1f057dd8&ev=BWBoYB584bEvXeqkc_FymWsgrgPS1yli9qJbgS5Hxkg.&rsv=0.000000419302694106571&abr=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.162.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

transfer-encoding: chunked
cache-control: must-revalidate, no-cache
pragma: no-cache
x-connection: close
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 1q7isujn
view.adjust.com/impression/ Frame 0739 35 B
1021 B 650ms
440ms Image
image/gif 185.151.204.50
ADJUST-DE Adjust ...

General

Check archive.org

Download Go to Show image

Full URL

https://view.adjust.com/impression/1q7isujn?campaign=TTD_CashCarnival_iOS_US_CTV_20250804_PC&adgroup=gxjcyo1&creative=2s2eorp1&ttd_imp_id=77bdb4d0-1549-40ef-9148-50272543ce16&cross_device_tracking=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.151.204.50 , United States, ASN205184 (ADJUST-DE Adjust GmbH, DE),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UAm, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness
x-content-type-options: nosniff
content-length: 35
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: image/gif
x-frame-options: SAMEORIGIN

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0739 0
19 B 54ms
51ms Image
text/html 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdHXXe0kPacz6GoXwjrgPw6SSgAi-p-f2dPb-j45XwI23ARABIO65205gyQbIAQWoAwHIAwKqBPMBT9Cm_tRrAFXyDbtvYNr1K_wtViSZXtIshobtwqbXUA6VW4DMzyND2cdFjAtaERZ4SrxTi0DcFiVUZuXbvm6OtOePCv71DPgC0CCwz2f00ht-uS4tuImSL03OGntbTxTPtAWlQDpb_YkPODTCOM_Qircb0et4yENa36ipbG6twcYkA7URdqmGrMk0x8SwJQsWTKQQw3LssWP0dJLWQDzNqfxvbFGNWMcR3uZWIVJLHUpB8vL7F2BTCeLxByIUtwEijybJbS-XMG7Q-nM10qdQ6IysBzEw821yvkF9d0qWW6y-_cC_gTwBWThAn8rqi8ig3MZ4gAb134C0lKCd3cMBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNX__pfY4pADgAoB-gsCCAGADAGqDQJVU-oNEwjHn5KY2OKQAxUFuAMBHUOSBICIDgnQFQGAFwGyFx4KGBIUcHViLTEzNzY5NzMxNDE3MjkzODMYABgMUAE&sigh=GLvC3kfiBYM&uach_m=%5BUACH%5D&cid=CAQSvgEAwksa0Xgao7sxPMDO0s2qTaAXO2echJ47Qdy__jo0Xk9_0qI1TyWYdpUc9fKMy4jcjLbKoEIbOBY7E4ZIGC4jM6Rt9gaWl2DHnq8OVsKdLsavvv6lOigCitvrx-1BjAGBi-bcVp-Y3BGC7PzZx_C4B9FfbJdUtjFYYZlEwnzg4BDZ7Q4053pmyTI_YS9xVzkM8OtIadcCL2gzQwsVX_r3zVewsSfGG_w1BKVPQ0_2_uxXmVJc8pa_R5SmPcgCGAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Response headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 08 Nov 2025 13:45:32 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 /
enduser.adsrvr.org/enduser/video/ Frame 0739 0
56 B 39ms
35ms Image
text/plain 13.248.254.31
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://enduser.adsrvr.org/enduser/video/?ve=creativeView&imp=77bdb4d0-1549-40ef-9148-50272543ce16&ag=gxjcyo1&crid=2s2eorp1&cf=9217049&fq=0&t=1&td_s=ykihmski.sayout.net&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=150&agsa=&wp=aQ9JewAGvUwBA7gFAASSQ2lRmxSy8pqXZ06rwQ&rgz=81210&dt=PC&osf=Linux&os=Other&br=Chrome&svpid=pub-1376973141729383&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=Standalone&crrelr=&npt=&cc=2~KLUv_WMdqREM6QH1CQCDTC-3XFtUbk1Uji0qx6WpFdZgyZ1rmi-d2xjMK0lNVsmeWyAa35z6ZdjfTuM1zyzKo3q53ERM8bhk6MmakRiN3EzpeSABAXL-8MK1M2MKCzBy7i2LxJ2N5Wp1aEKaKbbNKidQWZEiAuM3OCnB1AUQro3X2s5dn7ssmdmzZkkHPufyfeth9aFb1mt0q1e3ls3qU7lsbiMkIpIlLZZSo75clX94NWghJ5Awjm55pjYZp6fBAC8hjtdEJACG2TBY2gIm_EBtMefVAiOqd5MHrp5OHcHWD9s0t_DFJlBWnKxq_OI_UUMle_cYrPz94JBjwgz21xgXV2BSog6UvqqL2cQvhK1wjyw3wTybH0RCRdkn2hxpT5FRxyZUYZVovZ9f1SY0vU37_Og1hOc4Q0dfN-6xziUtub16j1oBciwyRhE.&dur=1~KLUv_SMFoCgkha0AAChNPE5VQAR8AK35DfAM-hZ6H8PhAw..&durs=izMzUI&bdc=71&testid=Google-ORtb-Migration&adpt=neog&fpa=414&pcm=3&ict=Unknown&said=hwyUj4H_-xzv6AKLiC3Q0Q&auct=1&cxlvs=0&sfe=1b46c97c&vp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.254.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac802201f43ccb83c.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 08 Nov 2025 13:45:32 GMT
server: Kestrel

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0739 42 B
64 B 48ms
46ms Image
image/gif 2607:f8b0:4004:c23::9c
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20251106/r20190131/zrt_lookup_fy2021.html

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sat, 08 Nov 2025 13:45:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 csi
csi.gstatic.com/ Frame 0739 0
20 B 44ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~mhqc7flj&c=2896544856535&slotId=1448272428267&qqid=CIyk_5fY4pADFQW4AwEdQ5IEgA&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=1984&mt=video%2Fmp4&vs=1280x720&dm=48000&event_name=first_play&asset_bytes=149223&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=5&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.15y~ff.16i~videopreviewstarted.16j
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H3 204 rum Show response
ykihmski.sayout.net/cdn-cgi/ 0
462 B 31ms
29ms XHR
text/plain 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ykihmski.sayout.net/cdn-cgi/rum?
Requested by: Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: application/json
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=E3AvQlM0A76CNiMA8G9doGLL3XDIDoGtLZOlzxoWlH7tguJdWU8I%2BxqeUen6m%2FnJZ%2BT9Udbel8MiFmb0hNuRVT8YjHkVH56CgXTmcVsohF9MwSHmh1p8o1D0koS5qek%3D"}]}
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
cf-ray: 99b582ec6bee7288-EWR
access-control-allow-origin: https://ykihmski.sayout.net
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/plain
vary: Origin, accept-encoding
server: cloudflare
priority: u=1,i

GET
H3 200 favicon.ico
sayout.net/assets/icons/ 15 KB
3 KB 37ms
37ms Other
image/x-icon 2606:4700:3030::ac43:cd5c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sayout.net/assets/icons/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cd5c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af024eac9fcc7ea834b52bfee8e1390624b494511cf078dd4144f208865bf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "3aee-68887ba2-e39bf3;br"
age: 362806
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oVP93%2F9eT60p%2BTWRO1MB9Zq%2FrJt2muws2mUxoKCqZz8hcbFJ1f9K0zeWYyMNYGmxs73YY2V6sjLzIyu47er%2FtJ1hv%2B222R5DCKpPlvqbpfp3HmohU2k%3D"}]}
expires: Tue, 28 Oct 2025 00:09:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 08 Nov 2025 13:45:32 GMT
last-modified: Tue, 29 Jul 2025 07:43:30 GMT
content-type: image/x-icon
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=604800
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99b582ec6bef7288-EWR
accept-ranges: bytes
content-length: 2197
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 AdsRotateNEW2right. Show response
fundingchoicesmessages.google.com/f/AGSKWxUTA8HCcg-y97PHcABU-uzgpk3RVx1-S2Ab1AFrA6XiHvV68JvqvmPLOz1CGlSd3-v7VC_zgOHQw7TxESW80eU50XOojvaKmlo0ulUla__4Wvk-Wg3r1sDIWLNwWiUo0czawTRMB8sOnKIhnc3LL9W986S26... 54 B
108 B 56ms
55ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUTA8HCcg-y97PHcABU-uzgpk3RVx1-S2Ab1AFrA6XiHvV68JvqvmPLOz1CGlSd3-v7VC_zgOHQw7TxESW80eU50XOojvaKmlo0ulUla__4Wvk-Wg3r1sDIWLNwWiUo0czawTRMB8sOnKIhnc3LL9W986S26062-0PvhvqX7k0UYKwkVpbzsTmZA-Vj/_/zalando-ad-/ads-no-/adv_display./sponsored_listings./AdsRotateNEW2right.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RCSwOiHnruw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzLvgdTMMxggNEKoi5wG9a0b2R1Fw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

284235a864193b0feec2626566a18ca2c5f295d99f64eb328595cb4b40d72398

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dxoT1Dxv4bNDDz4kVNkEpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBiaL15jnU6EHctOs86B4gNFS6xOgPxh_rLrD-AuEjiCmsLEH-qusEqUn2DNYn9JmsJEJsevMXqDsRmfrdZ7YC42t2LrRmIbf192FyBeN9_X7ZjQCzEw_Fn0t4TbAIzLsy8wqykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkamhoYKZnYBxfYAAA5nk9Fw"
content-security-policy: script-src 'report-sample' 'nonce-dxoT1Dxv4bNDDz4kVNkEpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 30ms
29ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RCSwOiHnruw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzLvgdTMMxggNEKoi5wG9a0b2R1Fw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: br
etag: 13036835877489095579
age: 75087
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 16:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 07 Nov 2025 16:54:05 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VKtr-SoZvfoRD04FdGg0lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIR6OP5P2nmATeHD38WVmJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRqaGhgpmdgFl9gAADOySw7"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VKtr-SoZvfoRD04FdGg0lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 155ms
45ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511050101/show_ads_impl_fy2021.js?bust=31095685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 13:45:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
49ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kP-RzwymgKw4TTShTrqeGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6Ov5P2nmAT-HB8M4eSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0NDDTMzCLLzAAAHpdK0Y"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kP-RzwymgKw4TTShTrqeGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kT_-l5hVfRwxwqRST4jDWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6Ov5P2nmATuLHkrJCSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0NDDTMzCLLzAAAHBHKyg"
content-security-policy: script-src 'report-sample' 'nonce-kT_-l5hVfRwxwqRST4jDWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
48ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Aet-aLXqbVO1HxixxMYxfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6Ov5P2nmATuHGvS0TJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGpjpGZjFFxgAAHI_Kyk"
content-security-policy: script-src 'report-sample' 'nonce-Aet-aLXqbVO1HxixxMYxfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXaEexoSLFvfe7SVuv-cutTa3rSVl7UGmxOZvqUKT3lKdtYNGGFigY4Ydk78pM3fN6H9s1TTiPII81Elap7wDjVbuPUqB-mKuRmoYy44QwI0iuxIJIXHgYBzCh3hathMVIfd969zA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
61ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXaEexoSLFvfe7SVuv-cutTa3rSVl7UGmxOZvqUKT3lKdtYNGGFigY4Ydk78pM3fN6H9s1TTiPII81Elap7wDjVbuPUqB-mKuRmoYy44QwI0iuxIJIXHgYBzCh3hathMVIfd969zA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYyNjA5NTMzLDE0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3lraWhtc2tpLnNheW91dC5uZXQvIixudWxsLFtbOCwiUkNTd09pSG5ydXciXSxbOSwiZW4tVVMiXSxbMjMsIjE3NjI2MDk1MzEiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwiIl0sWzI5LCJmYWxzZSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

781e7ec66bb523ad576977bc64c14fed8a9cf975b7a1b27e5464d57144859d67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DOqk4H6k8hZNhL0rI20q2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BiaL15jnU6EHctOs86B4gNFS6xOgPxh_rLrD-AuEjiCmsLEH-qusEqUn2DNYn9JmsJEJsevMXqDsRmfrdZ7YC42t2LrRmIbf192FyBeN9_X7ZjQCzEzfF30t4TbAIz1s2VUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDQw0zMwji8wAACPCTw2"
content-security-policy: script-src 'report-sample' 'nonce-DOqk4H6k8hZNhL0rI20q2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUoy9s1X9FYG5yLjL0yL0uKbkt5TDZ3ZTcS9hdo-nRluQYhTgVtjqzbxRC9nCh_k9JOovkaszoIAlz2TkftRHO5aH-4Dic0K7qGuoFsvcMfYg51rdw9AHpNJgHG5aSGM-5TjBjQMA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
50ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoy9s1X9FYG5yLjL0yL0uKbkt5TDZ3ZTcS9hdo-nRluQYhTgVtjqzbxRC9nCh_k9JOovkaszoIAlz2TkftRHO5aH-4Dic0K7qGuoFsvcMfYg51rdw9AHpNJgHG5aSGM-5TjBjQMA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CaY5i5bYcf5CFrZi4huPOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII0pBiWMS_i-lD_WXWH0Bs5neb1Q6Iq9292JqB2Nbfh80ViIW4Of5O2nuCTeBF1wNjJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRqaGhgpmdgFl9gAAAvJyzN"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CaY5i5bYcf5CFrZi4huPOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
50ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXQVayjsFgk3hhRU9a31FgJsCoFtFashA1FIVpZJUvxYDUY-gli--XMfamu7uXU5zttFFUwso4D5aKPoQen4y30xATIoxVOhYhdZ1xdgObZwX1qCFM20lPIHtqNziP0Mn_JAahxw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CrqgzcYsDOlIl40gUmvfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ykihmski.sayout.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:45:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIW6Ov5P2nmATWLCzyUTJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGpjpGZjFFxgAAFnzKts"
content-security-policy: script-src 'report-sample' 'nonce-CrqgzcYsDOlIl40gUmvfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ykihmski.sayout.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 0F24 13 KB
5 KB 129ms
43ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ykihmski.sayout.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Nov 2025 13:41:30 GMT
expires: Sat, 08 Nov 2025 14:31:30 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 897A 829 B
570 B 156ms
51ms Document
text/html 2607:f8b0:4004:c23::63
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c23::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

920c423c5a8713a6171e8fb353da9c951f2505fd0c9762585d15c11f9c3ea4a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A4f_NeyokIwKFMWUjJ9qMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ykihmski.sayout.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-A4f_NeyokIwKFMWUjJ9qMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Nov 2025 13:45:33 GMT
expires: Sat, 08 Nov 2025 13:45:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 21irhFMdVkUrqCw1koJ5OXF0fG0Zts9AVdBMEMn6tis.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F24 53 KB
20 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21irhFMdVkUrqCw1koJ5OXF0fG0Zts9AVdBMEMn6tis.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db58ab84531d56452ba82c359282793971747c6d19b6cf4055d04c10c9fab62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 684
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sun, 08 Nov 2026 13:34:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 08 Nov 2025 13:34:09 GMT
last-modified: Mon, 03 Nov 2025 09:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20538
x-xss-protection: 0
server: sffe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 897A 0
17 B 40ms
40ms Image
image/ 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20251106&jk=6267734208331786&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 08 Nov 2025 13:45:33 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 0F24 0
40 B 32ms
30ms Image
text/plain 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?996hKA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 08 Nov 2025 13:45:33 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 102ms
100ms Image
image/ 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20251106&jk=6267734208331786&bg=!hIelh8jNAAaIPp6FqD47ADQBe5WfOG8EbLLdj_HiCAvezcQEqJPsKH9nHrDCLR_qzq3Vku1KUTOgHof5gWrYrPnuYIeaAgAAAIhSAAAACGgBB34AN2H2u4l4dhXOY8P_iHMiPm1LwqpVPRt9HH582-ykfZ-JqWzqevqyc1fKIrY5qKiLip8b5RqsddcKAN4q3_lyNCwk95D1DuUdphaPbaIqBlxE3To9byMP6OJlw0Ogy2bbbDae9ApSAqYPAVW1J-sLl-QD1pFszx5_Tpms-afyeiGRExcGHwXpCQ16viFZ3-A2nYdmz_dI-Ft3qyJCsXGx0zyh8XKB8hi8snL-zUj9nfNPmBKtG-Q3HwzaXi1yYJ_fWNNrJ4s4i_ZC2vsCHymavbUKUlrr47jGfpQnmNCBWjK8tNMmRvYTVgXHomRK2rCAA7oRX_QCNJMkcidO-drods0AP_UKlXj0iZOm6NwzxpFVbPq01sgEKfSZAnNconuKmvtuHg8tV0dgMZuJ00c3uIyhFinZjE-aTBSyXtYXxScts_Q2FJHnwAhgDw6x7054V2IInfpQtqsOzBG4giqvamBonbeSFvuBBL4KTp7HolMDsUXN5ZwEZpOUjhTVQR16SAO5VsLo32PjzYNrAFf9V15kutxrpY_Dz7maw0MD2AD0inFblILHtXa5smHPAsc5RDut3-ACewOmSsqIMI_2Xo-Iap5VyLOUQbYIFCDjXk6UDgRDxWuwHLamBpqbtBMLSRK5ehZw7C1hkdD_TSLkJ9kEs-_MyU8bRW_Hyv8CjlDDWoqGL1ODx5k3zmlhjDyQ_tKWAXxdE_WHwRkeAZuFOw11yg5Hxa-GJbznklu7bpqRSi8c87DoW8-FwUEQFigZ-227_TCK_ifZR4WcXRqqh7sJWEvUG4ALxtLfTRw9o2_xBKo9WVB_TcYoiTzDtwSXgMNUD69FW-vjCy3PiZaFSw52bgs-nfiett44oNLZvBKFGC4QxKcIZeqznI5PTY8hdCNVs6N43no41mVzHKTawKUoA1obGw9sOfNB2u6oKEhwhZ4EwilySJgF9psCoSdz7T39QjRz2R5SFJuI5vUXCzR_QO63JoT6y8P-n4JyoSM4dph4Dy02AENgM-P1aVp1wvy6T0Ul5zZH0lIskGlxYaSqqbLHSkbkwNDC3rhEpNAbkem0L1JvrPxIsnASq31TaSoWZo_IPcgo6arap79KdYxIofprXr4sUT2RNqSEiN8fhntIcQoCAdbKpmiP8iXXlNbh8oYsp5xUpG2_3bZ8i2FbR9t_Nd-eH9J8YPC5HLmLmsseF_GIP0oNZ4c_FnM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ykihmski.sayout.net/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 08 Nov 2025 13:45:34 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H/1.1 206
Partial Content 2s2eorp1_1_11.mp4
v.adsrvr.org/sg2o27m/il3m38e/1wmhprt4/ Frame 0739 64 KB
0 1ms
0ms Media
video/mp4 108.138.78.140
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://v.adsrvr.org/sg2o27m/il3m38e/1wmhprt4/2s2eorp1_1_11.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.78.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-78-140.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Range: bytes=4005152-

Response headers

ETag: "a9ded5248ea869cb71766f4f400f74b4-3"
Age: 29467
Content-Range: bytes 4005152-11754467/11754468
Via: 1.1 db50275fc6a3d1f557e22016322e2ba2.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 7749316
X-Amz-Cf-Id: MGgupYG3-Qei8B9ZrT6H5BOsymx3pE9At3dAxMRhjHl0j7ZjCKlbwQ==
Date: Sat, 08 Nov 2025 05:34:26 GMT
Content-Type: video/mp4
Last-Modified: Wed, 29 Oct 2025 02:35:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD12-P2
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

68 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ykihmski.sayout.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: mmaailgc5408i9ts4ouba2qmm6
.sayout.net/	1970-01-21 19:12:49	Name: _ga Value: GA1.1.337485421.1762609531
.sayout.net/	1970-01-21 19:12:49	Name: _ga_48P48Y8C8F Value: GS2.1.s1762609531$o1$g0$t1762609531$j60$l0$h0
.sayout.net/	1970-01-21 18:58:25	Name: __gads Value: ID=3c0712d8bd22a0af:T=1762609531:RT=1762609531:S=ALNI_MbQxqvnw9fkVXRoxmPyvNr7aDzB0g
.sayout.net/	1970-01-21 18:58:25	Name: __gpi Value: UID=00001309d829b062:T=1762609531:RT=1762609531:S=ALNI_MaPDAm1rs0gl7kKfFvmjWJ5zkSZEQ
.sayout.net/	1970-01-21 13:56:01	Name: __eoi Value: ID=f60384172cffdb6d:T=1762609531:RT=1762609531:S=AA-AfjYmSll1f8m_7lZFycP5AWAJ
.sayout.net/	1970-01-21 18:58:25	Name: FCCDCF Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B32%2C%22%5B%5C%22e13aefac-82b9-4f15-894d-868c56058dcd%5C%22%2C%5B1762609532%2C63000000%5D%5D%22%5D%5D%5D
.doubleclick.net/	1970-01-21 19:12:49	Name: IDE Value: AHWqTUnz8FKf3btdOLAaoZg-a3JjHL0zNAV-RUUy5sOZj3cnnqXBbCuwnERMBz7Xs8M
.adsrvr.org/	1970-01-21 18:22:25	Name: TDID Value: abe91969-1f12-441c-b32a-03c1b45a409a
.adsrvr.org/	1970-01-21 18:22:25	Name: TDCPM Value: CAEYBTgBQgQiAggB
.sayout.net/	1970-01-21 18:22:25	Name: FCNEC Value: %5B%5B%22AKsRol_8xUX1_FhsR3QHcp-TzrV7YP8RRQN8992XgscMSuX8MDDIZfthciVcHwZLFXjh6XPf6PFaeU2QbqZxbYKATQUTqH5rhQeHMq5v4RAnMcGYSh8PRA6R2LtIBWME04TkzMuul5CZijAKlNiJPPTGSDnPboeiFg%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0101900440F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.sayout.net
cdnjs.cloudflare.com
choices.trustarc.com
code.jquery.com
csi.gstatic.com
enduser.adsrvr.org
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
sayout.net
stackpath.bootstrapcdn.com
static.cloudflareinsights.com
tpc.googlesyndication.com
v.adsrvr.org
va6-bid.adsrvr.org
view.adjust.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
ykihmski.sayout.net
108.138.78.140
13.248.254.31
185.151.204.50
199.250.162.129
2001:4860:4802:32::3
2606:4700:3030::ac43:cd5c
2606:4700::6810:5049
2606:4700::6811:190e
2606:4700::6812:bcf
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::65
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c17::84
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::61
2607:f8b0:4004:c21::5e
2607:f8b0:4004:c21::9b
2607:f8b0:4004:c23::63
2607:f8b0:4004:c23::9c
2a04:4e42:400::649
2a04:4e42:600::485
3.162.3.66
0b555ad9ae9a329a40815dc4253a289bb09e702ea3bdae7df4cc2f2d7da99f49
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1acdd768eb31a779d880dd917a7dac4e380b85778b248ec33a955217554dd708
1b5ed3a51c80089872c540f383dbfacb9ad345dc0ecb4265cbda8c7b9ff27911
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
21efe1559a026f9ad7f880772917faa3a621186688e8e79e0568e4308c0bafa9
284235a864193b0feec2626566a18ca2c5f295d99f64eb328595cb4b40d72398
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
37d6a57b8c0b0d73e9f7816ba9ebda9941d270a69ef1193133a3be3249cc2fc6
3bd97659a3e0d9b074935e8b9751b38743ed272002b4bda259cfb1f464b9ae2d
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
482216daf5b0c317499775d197127ff43a74230f6fbc45729172ae031e476e0b
4b8c3df18d38f9cb9d1a016d15cb2ac6f42d7fe6b8dad1227df9b04a3d83960c
4cbf79a1ea309d67dc27e799645843dd0585bf6de2ac1e60fb2c7d6f2187b42c
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
608ba252ac83934c2a7ecd6387d5812a131aa4fdeca56d3bb594c1f26fd5af1d
6602301a459f7d662125825fc5d7116917bc9c5222780029eec6821d78a86b85
69af024eac9fcc7ea834b52bfee8e1390624b494511cf078dd4144f208865bf4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70d19c6ef2882a3e1933c8e213f25f3bad892a1e999d9157cc13062420a130ff
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
76077c3ca0504b0ececa18ad9f824dc133be4e0cec5f9769fc1aa704edcc9899
77c000689eddb29065be773172411f8adf47c844d241ee5ef1fd1aae6da521a2
781e7ec66bb523ad576977bc64c14fed8a9cf975b7a1b27e5464d57144859d67
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
920c423c5a8713a6171e8fb353da9c951f2505fd0c9762585d15c11f9c3ea4a7
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
af41115cf48df930e638bcdc9da34f5d6644ecb11a0db07baaf10814f492867b
c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61
c2f07170cf237b0bbab4611e084b7bdc767abc86a72c81ec6e773bed8437951c
c4c34c217b526a2721d31cd4730598bcd337788d6473faf4a86fdd0dd97ef658
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cff1d91815a0005af5c3565675cc3a300b993947d53e3d82d141f0afa887dcf7
d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4
db58ab84531d56452ba82c359282793971747c6d19b6cf4055d04c10c9fab62b
e3501fc77110c8be21d9b6cee2b4d7f9ac9b674ac3803b8975571b5aef948abc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0698bf37a2062ed06aebde3894867b2558183ceed32ec590da25a5376bb24f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6182b1cbcd08174f2dc7eb2d65036aa68cd510971385d1f5cf7d5aea1c72604
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa6508c96e32ad5e667aca92b92341b14c4133abf04cea7dfd244d5c7745b15e
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

ykihmski.sayout.net Open in urlscan Pro 2606:4700:3030::ac43:cd5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

81 %IPv6

17 Domains

26 Subdomains

27 IPs

2 Countries

1224 kBTransfer

6976 kBSize

11 Cookies

7 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ykihmski.sayout.net Open in urlscan Pro
2606:4700:3030::ac43:cd5c Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

81 %
IPv6

17
Domains

26
Subdomains

27
IPs

2
Countries

1224 kB
Transfer

6976 kB
Size

11
Cookies

77 HTTP transactions
1 data transactions