www.shiningapples.com Open in urlscan Pro
103.83.81.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.shiningapples.com/
Submission Tags: @phishunt_io
Submission: On February 16 via api (February 16th 2022, 12:55:54 am UTC) from DE — Scanned from DE

Summary HTTP 125 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 13 domains to perform 125 HTTP transactions. The main IP is 103.83.81.74, located in India and belongs to HOSRAJA-AS Ovi Hosting Pvt Ltd, IN. The main domain is www.shiningapples.com.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.

This is the only time www.shiningapples.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	103.83.81.74 103.83.81.74	135822 (HOSRAJA-A...) (HOSRAJA-AS Ovi Hosting Pvt Ltd)
2	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
125	19

26 103.83.81.74 (India)

ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN)
PTR: host.gordhan.in

www.shiningapples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shiningapples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	547 KB
26	shiningapples.com www.shiningapples.com shiningapples.com	386 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 2229 adservice.google.com — Cisco Umbrella Rank: 59 clients1.google.com — Cisco Umbrella Rank: 379	168 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	125 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	136 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 www.googleapis.com — Cisco Umbrella Rank: 30 fonts.googleapis.com — Cisco Umbrella Rank: 35	36 KB
4	gstatic.com www.gstatic.com	25 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	114 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	12 KB
1	seadform.net track.seadform.net — Cisco Umbrella Rank: 85995
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	651 B
125	13

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	www.shiningapples.com	www.shiningapples.com
14	pagead2.googlesyndication.com	www.shiningapples.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.shiningapples.com
9	shiningapples.com	www.shiningapples.com
8	www.google.com	2 redirects www.google.com www.shiningapples.com tpc.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.shiningapples.com www.google-analytics.com
2	cse.google.com	www.shiningapples.com www.google.com
2	www.facebook.com	www.shiningapples.com www.facebook.com
1	track.seadform.net	www.shiningapples.com
1	clients1.google.com	www.shiningapples.com
1	www.googleapis.com	www.shiningapples.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.shiningapples.com
125	20

This site contains links to these domains. Also see Links.

Domain
shiningapples.com

Subject Issuer	Validity	Valid
shiningapples.com R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-25` - `2022-02-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.shiningapples.com/
Frame ID: 6313C9E8B43165B1F40FCAA13E5DE603
Requests: 53 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FShiningapples%2F497871116966305&width=450&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false
Frame ID: AA8C14243544FD8D06500B52FAA273B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/zrt_lookup.html
Frame ID: 1C26895F6DCA78A492AE892987014C33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2206259558&adf=2983447366&pi=t.ma~as.2449112880&w=379&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=379x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949759&bpp=5&bdt=1039&idt=203&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&correlator=1203681039267&frm=20&pv=2&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4PIqW9bQDd&p=https%3A//www.shiningapples.com&dtd=219
Frame ID: 6F7C9673AC79287CE1AA6D2BC1639671
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226
Frame ID: 3E6B3462B5D2B0AD6A309C071CD44E10
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&adk=1812271804&adf=3025194257&lmt=1644972949&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.shiningapples.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949774&bpp=1&bdt=1054&idt=221&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280%2C584x280&nras=1&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=225
Frame ID: 83DE0523AB79271773F1EAF366AADA97
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 590C470808B056BC5D0D1999A9BF9DD0
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9078C0402F348435965C0A16F18ED616
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1
Frame ID: AEF17F98EC9C865F33AAFCA670569399
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1BE81C0954E14131D0CC38BED40E2D8F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 042A6123E8F00EC07BB9343F4AFFD4AF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 80137A84BFC68C343506EE5451B1FEAD
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 964BDCC4D441747A5E067698DFC0CE46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 182F967BA6C8294B2551E3A4DDACC9C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC6FF92342A748C4B44A4EDCB789A9ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F21D474591B254ABB9BABE99FEE7F15
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Portal for information about Health and Entertainment search

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

20
Subdomains

19
IPs

5
Countries

1569 kB
Transfer

3747 kB
Size

7
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: http://shiningapples.com/index.php

Search URL Search Domain Scan URL

URL: https://shiningapples.com/index.php
Title: Home

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Fitness/
Title: Fitness

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Fitness/Diet/
Title: Diet

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Fitness/Physical_Fitness/
Title: Physical Fitness

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Fitness/Medifast/
Title: Medifast

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Health/
Title: Health

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Health/Mental_Health/
Title: Mental Health

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Health/Physical_Health/
Title: Physical Health

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Food/
Title: Food

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Food/Nutrition/
Title: Nutrition

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Food/Food_Cure/
Title: Food Cure

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Insurance/
Title: Insurance

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Insurance/All_Insurance/
Title: All Insurance

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Alternative_Healing/
Title: Alternative Healing

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Alternative_Healing/Meditation/
Title: Meditation

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Alternative_Healing/Reiki/
Title: Reiki

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Alternative_Healing/Pranic_Healing/
Title: Pranic Healing

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Yoga/
Title: Yoga

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Yoga/Yoga_Asanas/
Title: Yoga Asanas

Search URL Search Domain Scan URL

URL: https://shiningapples.com/Yoga/Pranayama/
Title: Pranayama

Search URL Search Domain Scan URL

URL: https://shiningapples.com/directories.php
Title: Directory

Search URL Search Domain Scan URL

URL: https://shiningapples.com/heart_test.php
Title: Heart Risk Test

Search URL Search Domain Scan URL

URL: https://shiningapples.com/diabetes_test.php
Title: Diabetes Risk Test

Search URL Search Domain Scan URL

URL: https://shiningapples.com/health_billionaire.php
Title: Health Billionaire

Search URL Search Domain Scan URL

URL: https://shiningapples.com/sleep_test.php
Title: Sleeping Test

Search URL Search Domain Scan URL

URL: https://shiningapples.com/due_date_calculator.php
Title: Due Date Calculator

Search URL Search Domain Scan URL

URL: https://shiningapples.com/chinese_gender_predictor.php
Title: Chinese Gender Predictor

Search URL Search Domain Scan URL

URL: https://shiningapples.com/birth_rashi_calculator.php
Title: Birth Rashi Calculator

Search URL Search Domain Scan URL

URL: https://shiningapples.com/birth_star_calculator.php
Title: Birth Star Calculator

Search URL Search Domain Scan URL

URL: https://shiningapples.com/obey_weight.php
Title: Body Mass Index

Search URL Search Domain Scan URL

URL: https://shiningapples.com/entertainment.php
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://shiningapples.com/entertainment/ringtones
Title: Ringtones

Search URL Search Domain Scan URL

URL: https://shiningapples.com/contact_us.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Style/
Title: Style

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Style/The_summer_body_plan.htm
Title: The summer body plan

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Men/
Title: Men

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Men/Male_Depression_-_Important_facts.htm
Title: Male Depression - Important facts

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Women/
Title: Women

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Women/Breastfeeding.htm
Title: Breastfeeding

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Women/Depression_In_Women.htm
Title: Depression In Women

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Kids/
Title: Kids

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Kids/Constipation_in_Children.htm
Title: Constipation in Children

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Kids/Pneumonia.htm
Title: Pneumonia

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Kids/Kid%E2%80%99s_Nutrition:_Nutritional_Diet_for_Children.htm
Title: Kid’s Nutrition: Nutritional Diet for Children

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Diseases/
Title: Diseases

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Diseases/Diabetes/
Title: Diabetes

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Diseases/Stroke/
Title: Stroke

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Diseases/Addiction/
Title: Addiction

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Home_Remedies/
Title: Home Remedies

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Home_Remedies/Home_Remedy_Overview.htm
Title: Home Remedy Overview

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Home_Remedies/Home_Remedies_for_Acidity.htm
Title: Home Remedies for Acidity

Search URL Search Domain Scan URL

URL: http://shiningapples.com/Home_Remedies/Home_Remedies_For_Diabetes.htm
Title: Home Remedies For Diabetes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk HTTP 301
https://cse.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

125 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.shiningapples.com/ 43 KB
7 KB 2308ms
213ms Document
text/html 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 0c17af0f675eb842a109c4779ba45d632e4528557e4f67b80c6428bbefcf8d5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 16 Feb 2022 00:55:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6451
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bootstrap.min.css
shiningapples.com/responsive-css/ 115 KB
19 KB 625ms
159ms Stylesheet
text/css 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://shiningapples.com/responsive-css/bootstrap.min.css
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 600de2ff563196bc336f0613ad9c62a8dbff59f2115b0b807c92749194274ce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Feb 2019 18:47:50 GMT
Server: Apache
ETag: "1ca35-5829424ef8180-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19307

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 49ms
16ms Script
text/javascript 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 13:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 13:45:37 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
shiningapples.com/responsive-js/ 35 KB
10 KB 627ms
157ms Script
application/javascript 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://shiningapples.com/responsive-js/bootstrap.min.js
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: e7e8aabf03fd1cf75e8b94cdcad7c1af413dd6ef2b6821d08a11902f9047fcb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 12:04:00 GMT
Server: Apache
ETag: "8c7b-5c9fc7676ec00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9548

GET
H/1.1 200
OK responsiveslides.css
www.shiningapples.com/responsive-css/ 556 B
588 B 163ms
163ms Stylesheet
text/css 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shiningapples.com/responsive-css/responsiveslides.css
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 55e6356e1fb22f6183635bea695a5dc9362dcfa39a66dd8768332d62426c4a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:48 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Feb 2019 18:47:51 GMT
Server: Apache
ETag: "22c-5829424fec3c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 269

GET
H/1.1 200
OK responsiveslides.min.js Show response
www.shiningapples.com/responsive-js/ 3 KB
2 KB 155ms
154ms Script
application/javascript 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shiningapples.com/responsive-js/responsiveslides.min.js
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 980e776da23b58a374792f5fe9ee09a8835ef3d8abcf0c2d6c8189ee7af2a23a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:48 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Feb 2019 18:49:50 GMT
Server: Apache
ETag: "d52-582942c168f80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1479

GET
H/1.1 200
OK logo.jpg
shiningapples.com/images/ 19 KB
19 KB 156ms
156ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/images/logo.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 6296a67d5eab90038c66180fdecf319682116030a64148621fa979c0a08605d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:45:29 GMT
Server: Apache
ETag: "4c38-582941c880440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19512

GET
H/1.1 200
OK shining-apple-1.jpg
www.shiningapples.com/home_article1/ 12 KB
12 KB 163ms
163ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/home_article1/shining-apple-1.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: f5b43bbd1b691883f7b5a36110df96906fcb059c08184a833ae1dbe9c19bbe8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:44:26 GMT
Server: Apache
ETag: "30c1-5829418c6b680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12481

GET
H/1.1 200
OK shining.jpg
www.shiningapples.com/home_article1/ 12 KB
12 KB 155ms
154ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/home_article1/shining.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 1e02d5756f20ea20d0606469921e58b6bf3747a3aec12dbfedfd8241c042197d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:44:26 GMT
Server: Apache
ETag: "2f8b-5829418c6b680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12171

GET
H/1.1 200
OK sha.jpg
www.shiningapples.com/home_article1/ 11 KB
11 KB 651ms
171ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/home_article1/sha.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: fe11f6521ef8f2c53b8ba3c5ca6376f5eb62d0a70642c80292c7a5d7e983b948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:50 GMT
Last-Modified: Sat, 23 Feb 2019 18:44:26 GMT
Server: Apache
ETag: "2a49-5829418c6b680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10825

GET
H/1.1 200
OK 1374927702reiki1.jpg
www.shiningapples.com/uploads/articles/ 28 KB
28 KB 647ms
167ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/1374927702reiki1.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 375c90d23ff2debed539582b3ca3675e2302765eb8f7c3c278d1bd3fcdc9d963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:50 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:44 GMT
Server: Apache
ETag: "6ed8-5829436759700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 28376

GET
H/1.1 200
OK 1374928158meditation_s.jpg
www.shiningapples.com/uploads/articles/ 12 KB
12 KB 662ms
174ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/1374928158meditation_s.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: ca49799b310ba660d7df9b0b357c66211526928062bb53909743cd7feb2c4a6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:50 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:44 GMT
Server: Apache
ETag: "2ffe-5829436759700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12286

GET
H/1.1 200
OK 1374223836home.jpg
www.shiningapples.com/uploads/articles/ 9 KB
10 KB 672ms
175ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/1374223836home.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 6be6457447da340ddf106150f26c1560062acfc6a17ef3d8233d92d5ad113e31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:50 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:41 GMT
Server: Apache
ETag: "25b5-582943647d040"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9653

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 153ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e17470abad88ac00fc86e29f370e1a9f8b176b8dff65e4e6dce20a46cd166e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53759
x-xss-protection: 0
server: cafe
etag: 10193291391299535189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Feb 2022 00:55:49 GMT

GET
H/1.1 200
OK shining-apple.jpg
www.shiningapples.com/uploads/articles/ 10 KB
10 KB 458ms
182ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/shining-apple.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: d169cb8420d1ccd7d3cd5ccff8edf7e4ad1cc0bfad7b4310ebe4eb4e8717c5d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:54 GMT
Server: Apache
ETag: "27a6-58294370e2d80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10150

GET
H/1.1 200
OK 1537507482shining.jpg
www.shiningapples.com/uploads/articles/ 10 KB
10 KB 450ms
173ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/1537507482shining.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: d169cb8420d1ccd7d3cd5ccff8edf7e4ad1cc0bfad7b4310ebe4eb4e8717c5d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:53 GMT
Server: Apache
ETag: "27a6-5829436feeb40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10150

GET
H/1.1 200
OK daily_dose.jpg
www.shiningapples.com/images/ 14 KB
14 KB 441ms
164ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/images/daily_dose.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 15962fa6990cd74da4b5108b93504de521eb18f88b9123cd57207619190272f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:45:26 GMT
Server: Apache
ETag: "373f-582941c5a3d80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 14143

GET
H/1.1 200
OK 1374231137article01.jpg
www.shiningapples.com/uploads/articles/ 28 KB
28 KB 433ms
163ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/1374231137article01.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 03084328b0cf6e33d2f6d2956915e2ac98a34bc7781c8fbac7495858d749c28c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:41 GMT
Server: Apache
ETag: "6f76-582943647d040"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 28534

GET
H/1.1 200
OK 1375093977insurance_s.jpg
www.shiningapples.com/uploads/articles/ 37 KB
37 KB 434ms
164ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/uploads/articles/1375093977insurance_s.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: fc2d36746ba3e9774dfdeb18544c22c25417bcd2888635b18b0025811b65efb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:52:45 GMT
Server: Apache
ETag: "939a-582943684d940"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37786

GET
H/1.1 200
OK 1374219124article03.jpg
shiningapples.com/uploads/category/ 15 KB
15 KB 157ms
156ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/uploads/category/1374219124article03.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 1350011643ab1c79db20a7e3a12983eb543760f63b71b4373f351de8bba9b4ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:54:42 GMT
Server: Apache
ETag: "3b9b-582943d7e2080"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15259

GET
H/1.1 200
OK 1374904843mens-health.png
shiningapples.com/uploads/category/ 3 KB
4 KB 155ms
154ms Image
image/png 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/uploads/category/1374904843mens-health.png
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: ef353824488e3ae1c55bb8bcb9b3be580b82b499c8f4b09763438d5756ead8ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:54:43 GMT
Server: Apache
ETag: "db1-582943d8d62c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3505

GET
H/1.1 200
OK 1374904890women-health.png
shiningapples.com/uploads/category/ 4 KB
4 KB 311ms
155ms Image
image/png 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/uploads/category/1374904890women-health.png
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 30cf533541071fa480ef18481739d489230477126cbdfd2cb36cc854dcef25d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:54:43 GMT
Server: Apache
ETag: "f6c-582943d8d62c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3948

GET
H/1.1 200
OK 1374905257kids-health.png
shiningapples.com/uploads/category/ 4 KB
4 KB 299ms
156ms Image
image/png 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/uploads/category/1374905257kids-health.png
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 2008791c777138f224c07beb57303b78030f7b078da2446058e465b6735c36fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:54:43 GMT
Server: Apache
ETag: "fbf-582943d8d62c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4031

GET
H/1.1 200
OK 1374924559disease.jpg
shiningapples.com/uploads/category/ 76 KB
77 KB 462ms
168ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/uploads/category/1374924559disease.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: dc35610639990e58d639888f267570217bf091282741abab1fb43dc2f6724502

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:54:44 GMT
Server: Apache
ETag: "130ff-582943d9ca500"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 78079

GET
H/1.1 200
OK 1375086092home_remedies.jpg
shiningapples.com/uploads/category/ 12 KB
13 KB 463ms
165ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shiningapples.com/uploads/category/1375086092home_remedies.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 9619dfba2fa346c8aa1c83d315e25c9e6cf246d0e422027a4e935b71dcd50727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:54:43 GMT
Server: Apache
ETag: "31cf-582943d8d62c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12751

GET stylesheet.css
shiningapples.com/responsive-css/ 0
0

GET stylesheet.css
shiningapples.com/css/ 0
0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame AA8C 15 KB
9 KB 87ms
71ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FShiningapples%2F497871116966305&width=450&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8872429ac851bd3f3375b9a4089625fac3b66c4977e62cc9eca376682abc73c2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: AaQWCgqf0NsxdQ1CIsv3SMTywqbwTFfrW/ODs+XUUWTGmhPMzsq++DBVn3DcAiNGvGiHyX8yvpLE/zaFC9N+Wg==
date: Wed, 16 Feb 2022 00:55:49 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk
https://cse.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk

7 KB
3 KB

172ms
71ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c6e2ebf505032e353f5ce2e6f832150018d460e871d377f5f2e9987372483321

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Wed, 16 Feb 2022 00:55:49 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2936
x-xss-protection: 0
server: gws
expires: Wed, 16 Feb 2022 00:55:49 GMT

Redirect headers

date: Wed, 16 Feb 2022 00:55:49 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Wed, 16 Feb 2022 01:25:49 GMT

GET
H/1.1 200
OK bg.jpg
www.shiningapples.com/images/ 1 KB
2 KB 296ms
163ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/images/bg.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: b4764187ac4b7e91a2588faa78e4e0ccd900093f9b9abb62192afc07623b8671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:45:26 GMT
Server: Apache
ETag: "5dd-582941c5a3d80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1501

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3057
date: Wed, 16 Feb 2022 00:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Feb 2022 02:04:52 GMT

GET
H/1.1 200
OK shadow.jpg
www.shiningapples.com/images/ 15 KB
15 KB 281ms
155ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/images/shadow.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 2f88ac2d40235b04006c06e3277be5f05968cbcb98981baa4039333642655eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:45:29 GMT
Server: Apache
ETag: "3a2a-582941c880440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14890

GET
H/1.1 200
OK heart.jpg
www.shiningapples.com/images/ 11 KB
11 KB 441ms
168ms Image
image/jpeg 103.83.81.74
HOSRAJA-AS Ovi Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shiningapples.com/images/heart.jpg
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS: host.gordhan.in
Software: Apache /
Resource Hash: 774478a0fff78270d4a8919de92b2ecef7e4e515554752f023fb0b1f2f80008a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 00:55:49 GMT
Last-Modified: Sat, 23 Feb 2019 18:45:27 GMT
Server: Apache
ETag: "2bb6-582941c697fc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11190

GET
H2 200 zytBXt_-UOS.css
www.facebook.com/rsrc.php/v3/yK/l/0,cross/ Frame AA8C 10 KB
3 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/l/0,cross/zytBXt_-UOS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FShiningapples%2F497871116966305&width=450&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15046329c4596e379bfe66fc31b1e5f12ef69624b79e50ca665d95f75759d535

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FShiningapples%2F497871116966305&width=450&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +NUEiIIyrdbgQ9OG6m227g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 2983
x-fb-rlafr: 0
x-fb-debug: X74SsS1yY4wr5zIfNki8ftnRR49rjNJ2w2th98ED7IJo+OpgC5vQ6W/QEHK0NifHovnalTBPYR7hWqiKln+dnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 15 Feb 2023 18:39:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 89ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=784676790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shiningapples.com%2F&ul=en-us&de=UTF-8&dt=A%20Portal%20for%20information%20about%20Health%20and%20Entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1266394498&gjid=2051594047&cid=1345035970.1644972950&tid=UA-42647662-1&_gid=605987267.1644972950&_r=1&_slc=1&z=1949908891

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shiningapples.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shiningapples.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202100101/ 290 KB
104 KB 110ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2665328786448057&plah=www.shiningapples.com&bust=31064842

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b45ff9ff0ba01723ccb0267e3caa989898b26c8870aa634358b1fb966293c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106783
x-xss-protection: 0
server: cafe
etag: 13041456140067538219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Feb 2022 00:55:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/ Frame 1C26 10 KB
5 KB 127ms
42ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 15 Feb 2022 21:01:30 GMT
expires: Tue, 01 Mar 2022 21:01:30 GMT
cache-control: public, max-age=1209600
age: 14059
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/5ddefdcfb9e40bab/ 300 KB
100 KB 101ms
51ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/5ddefdcfb9e40bab/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cb8b21eea4af1109e66c8fbed04552f8220874c3543592d1a1efc376397756a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102017
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 13:37:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 12 Feb 2023 18:27:43 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/5ddefdcfb9e40bab/ 41 KB
9 KB 92ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/5ddefdcfb9e40bab/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 13:37:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 12 Feb 2023 18:27:43 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 91ms
41ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000408922673981440228:r8uykedbdrk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 16 Feb 2022 01:37:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
651 B 165ms
55ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.shiningapples.com&callback=_gfp_s_&client=ca-pub-2665328786448057

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2665328786448057&plah=www.shiningapples.com&bust=31064842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f03e0f8fd4509b3710187724d068997c21f3931f756c6e6ae070b6fd583a6264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 168ms
56ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.shiningapples.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 00:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 166ms
56ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.shiningapples.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 00:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F7C 141 KB
18 KB 679ms
616ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2206259558&adf=2983447366&pi=t.ma~as.2449112880&w=379&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=379x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949759&bpp=5&bdt=1039&idt=203&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&correlator=1203681039267&frm=20&pv=2&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4PIqW9bQDd&p=https%3A//www.shiningapples.com&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da962006dee2aca0a455e99d906f8943cba56d9c6ce42809f776323ba8e50872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Feb 2022 00:55:50 GMT
server: cafe
content-length: 18719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Feb 2022 00:55:50 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E6B 69 KB
28 KB 894ms
843ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

974b3c016f5b31bd218ca0bda13b1c6cff18d5ff9acd80201fa8e98fd41111c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Feb 2022 00:55:50 GMT
server: cafe
content-length: 28427
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Feb 2022 00:55:50 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83DE 261 KB
65 KB 824ms
783ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&adk=1812271804&adf=3025194257&lmt=1644972949&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.shiningapples.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949774&bpp=1&bdt=1054&idt=221&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280%2C584x280&nras=1&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01cc01ddb458e84ff4655765214e8570d33faf1fd15318a5a0b388e3c9104ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Feb 2022 00:55:50 GMT
server: cafe
content-length: 66649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Feb 2022 00:55:50 GMT
cache-control: private

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 137 KB
50 KB 95ms
49ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/5ddefdcfb9e40bab/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21e0662702d63f01b77717e865fa97b7b5e71100aa56dff3a3742bfa1cd03da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7188371559076499668"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Feb 2022 00:55:50 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 41ms
41ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/5ddefdcfb9e40bab/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/5ddefdcfb9e40bab/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:04:14 GMT
x-content-type-options: nosniff
age: 28296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 15 Feb 2023 17:04:14 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 47ms
46ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 04:12:49 GMT
x-content-type-options: nosniff
age: 420181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 11 Feb 2023 04:12:49 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 16ms
14ms Image
text/plain 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 174ms
51ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.shiningapples.com
URL: https://www.shiningapples.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 590C 220 KB
60 KB 233ms
100ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2206259558&adf=2983447366&pi=t.ma~as.2449112880&w=379&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=379x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949759&bpp=5&bdt=1039&idt=203&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&correlator=1203681039267&frm=20&pv=2&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4PIqW9bQDd&p=https%3A//www.shiningapples.com&dtd=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 590C 16 KB
7 KB 173ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 590C 96 KB
29 KB 176ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 590C 74 KB
17 KB 271ms
138ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb965f3699518d8395cfb70d083643955fc2933fe9b4f969c3dc7ea4aedea90

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17272
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8236b39f432ecf96"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 590C 5 KB
2 KB 220ms
88ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 590C 42 KB
13 KB 221ms
89ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
DATA 200
OK truncated
/ Frame 590C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bec074717dac1ab3428912ef86f585beafd781ef793d879a0cee70e22cc8a18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg.jpg
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 23 KB
23 KB 144ms
56ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/bg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c28bc90c021ed9a683d7435a41a93d36af248bb793dd78cc4bf9bac0917ea343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23322
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 card.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 53 KB
53 KB 215ms
127ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/card.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa747311ab238bcf379e5caf321595edd5c07e864b77a31ca7fbee0b50c495a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53936
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 product.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 7 KB
7 KB 197ms
109ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/product.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a823bdd2c637561241bf585ebbba7cbe3b03504bbe007315e72e1edb132debf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:06 GMT
x-content-type-options: nosniff
age: 76844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6758
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 03:35:06 GMT

GET
H2 200 layer.jpg
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 2 KB
2 KB 206ms
118ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/layer.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7338dd66c27fa6a3f03e11fb53a18d28418aced5eac3d0eecf64371c8dbc5d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2115
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 logo.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 10 KB
10 KB 186ms
99ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553e59eed7b30fda7f123c804ec8df575adb1780e23b403b141b2280b371a169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10402
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 push01.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 7 KB
7 KB 177ms
93ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/push01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e32a092d84702f2ea0a0f0f9ecd26cda297261e86d115ead625cf68c82eb4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7496
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 push02.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 6 KB
6 KB 127ms
43ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/push02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb3426629384176157731f7477af2f92e516b469b9fe35873c4f5f9cf683e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:26:56 GMT
x-content-type-options: nosniff
age: 408534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6443
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 07:26:56 GMT

GET
H2 200 push03.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 1 KB
1 KB 204ms
120ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/push03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6051cb2d07b60b2f9c48991c271ec10df1d7b7055ddf8129d42756f02572f413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1289
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 push03b.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 7 KB
7 KB 131ms
47ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/push03b.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d4ddd633cff5b6d694e99fb6968634d6f80a1489d30f1330204694289b87f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 bullet01.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 5 KB
6 KB 125ms
41ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/bullet01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

407a72a25dc772b48c8e191ceccefda46f6e4e53f8f83fcd52cd78a5a45cf989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5096
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 bullet02.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 5 KB
5 KB 208ms
124ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/bullet02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e8bb82f0e71456cda1aacc021fb8d452b2a56231f78e09384df4d9414d55f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:07:15 GMT
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5091
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 05:07:15 GMT

GET
H2 200 bullet03.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 6 KB
6 KB 205ms
121ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/bullet03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b567eb29e22b0b767531226035ef2a1d4534f2414b9a3b5662fddb38a0cc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:21:02 GMT
x-content-type-options: nosniff
age: 390888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6259
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 12:21:02 GMT

GET
H2 200 cta.png
tpc.googlesyndication.com/sadbundle/6870025816426215380/images/ Frame 590C 5 KB
5 KB 227ms
143ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6870025816426215380/images/cta.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989199a120f8523d7f243933d80dc5ab42383e147317f50e02f2ce489164e7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:26:56 GMT
x-content-type-options: nosniff
age: 408534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4962
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:43:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 07:26:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 590C 2 KB
3 KB 203ms
119ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 54852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 16 Feb 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 590C 295 B
399 B 204ms
120ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 54165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 16 Feb 2022 09:53:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 590C 0
21 B 85ms
85ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoCMjlksMYviHBJnG7_UPurWa2AnU0pqraOzGh8LCD9vZHhABIKHYxSFglcKggrAHoAG47dfXA8gBCakCTIUoLUIPsz6oAwHIAwiqBNcBT9AfI3ibbKyWgh9kJdLUPAUbJQyBLrOBQ8B92_Y7yKvRpSuHBb61IRsFjNylI6fKPIWMajHiQGxSjjTEJErUwxZcFymM1T9zrOgIFUtEE_9Pl9Disq_kei2JZ95NAjbUIiRs2VmaOF8ADO2rSFVAC2VIOYUOIwMqdvFCyNFE5K2aoyxA6E0uBYzuAt1Qg0PrEdigFmhF_u0WnCoQ80dtAAHtLkZdEp3tu8YqGo3iiZj3azwsHbdyeNzyLQv7zE796pNsxesvrzjyeZze6XhM4QRr4Y_7irnABIzmwtjxA5IFBAgEGAGSBQQIBRgEoAYugAewkqgoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ288P0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI2NjUzMjg3ODY0NDgwNTcYAA&sigh=wXf0V68oeiE&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2206259558&adf=2983447366&pi=t.ma~as.2449112880&w=379&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=379x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949759&bpp=5&bdt=1039&idt=203&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&correlator=1203681039267&frm=20&pv=2&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4PIqW9bQDd&p=https%3A//www.shiningapples.com&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Feb 2022 00:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Feb 2022 00:55:50 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012202072236000/ 23 KB
8 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f45735c60d62a9d690f19eb78ac9d4583d9b9d68e2c89ea277a9786b36767a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7955
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fc09a3fdc14ea30"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 2492037282076738435
tpc.googlesyndication.com/daca_images/simgad/ Frame 3E6B 36 KB
36 KB 94ms
47ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2492037282076738435

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be56ed3c51c1923ce2fb187158c71a028e4d4c137142ae3b05b458821956499f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:12:26 GMT
x-content-type-options: nosniff
age: 49405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36466
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 10:38:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 11:12:26 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 3E6B 19 KB
8 KB 93ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:25:33 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 3E6B 2 KB
1 KB 124ms
83ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:46:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E6B 124 KB
38 KB 159ms
60ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 3E6B 15 KB
6 KB 113ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6405
x-xss-protection: 0
server: cafe
etag: 2993485572248006277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:46:28 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 3E6B 28 KB
11 KB 124ms
84ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d48f9631d1f0bdc6afda4b3be123b482f413106a5afd1e9428f5c716ab7eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11693
x-xss-protection: 0
server: cafe
etag: 12801663180035140163
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 21:37:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E6B 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd_QMlksMYsCBBO3C7_UP39a68A3zy5itaJG-uuLYD_zUzs-MDhABIKHYxSFglcKggrAHoAHy-9PfA8gBAqkCXO63EBcQsz6oAwHIA8kEqgTfAU_QvDMKDw1eI6DdrHcZqXkKiGMnzSdbTN2OGf23xcdklsVRt1Yprh-pJMB2SONvsKg7H2-FY2KsZSTUiRa7WvCfxO1s9UW84dDnLiiRd4HKcNiQdPU0caHt-mJmE3njlRhwZrtKL59DsTXk0KGjI6MHjEtRirelakzN5fFL83J7zEm5lkYwRsHvQrov4ib_JxxeNV1ESpLgOtWL2GiE1udSR3NKhsLtxHTNO3NfpmSt47qC-6mSdFdlwSryk_PUqkZC3MGjSOjU4L_-JKGtQDZoGSGBYUoS94amEFnjSHjABJun9ef2ApIFBAgEGAGSBQQIBRgEoAYCgAfZ5bImqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQg6Ji0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI2NjUzMjg3ODY0NDgwNTcYAA&sigh=ILhBD9UEac4&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Feb 2022 00:55:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202100101/ 151 KB
54 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202100101/reactive_library_fy2019.js?bust=31064842

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b15211969a8da8f0385f03ee81c424fc899e16d950a9a80cdd986fe675890b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55010
x-xss-protection: 0
server: cafe
etag: 13111462256549722553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1900&su=www.shiningapples.com&d=5000&eid=42531398%2C31062423%2C31064842%2C31064019

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 103ms
51ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.shiningapples.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.shiningapples.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/ Frame 9078 10 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 15 Feb 2022 22:53:11 GMT
expires: Tue, 01 Mar 2022 22:53:11 GMT
cache-control: public, max-age=1209600
age: 7360
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/ Frame AEF1 10 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 15 Feb 2022 22:53:11 GMT
expires: Tue, 01 Mar 2022 22:53:11 GMT
cache-control: public, max-age=1209600
age: 7360
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BE8 143 B
163 B 43ms
43ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 16 Feb 2022 00:03:13 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 9078 4 KB
1 KB 150ms
59ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:53:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 00:55:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9078 205 B
519 B 148ms
57ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:44:44 GMT
x-content-type-options: nosniff
age: 11467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 21:44:44 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9078 604 B
695 B 149ms
58ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:58:26 GMT
x-content-type-options: nosniff
age: 32245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 15:58:26 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/ Frame 9078 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33e0b07093b1d4f4674507b802cb47871087f5cc74ca89e46df5b3dd580b817b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8106
x-xss-protection: 0
server: cafe
etag: 12214739721285136418
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:36:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEF1 4 KB
692 B 148ms
68ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:47:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 00:55:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame AEF1 2 KB
904 B 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:12:08 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame AEF1 35 B
0 104ms
22ms Fetch
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=44373739;1x1inv=1;srctype=3;ord=4010839390

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:51 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AEF1 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfOXYlksMYs6IBPui9u8PneqWiAewtfeUaJiT5anQDez9vMyTDxABIKHYxSFglcKggrAHoAHI5NeKA8gBCakC0-W9nZgNsz6oAwHIA8sEqgTbAU_QE1X1njFpJTNaffBMfz4Tiw8EPYaoZkueNEjUvDNDDoF16hNt_7wr1rpHUtv6ZMb7nYmBgbfpgkLu9VTB00zIjjVV3hFEJcuETRuvgSZEP_uik-70KHq3PwOLGZqKRKocS18QXUoSDwHKDIzyO007e6gJMfOlWVZrpBVKMuC-G_eRzBWZZC4azm88wDNTtTRw-ut1VwV8NjuV3I3O5-Nywe6Gnl8bXr6GZxUtZxe1s_35nY38kf8HVGZ64OyuDgtPMK-iIFC8C7927wvk7ILwiMrzIV-M6LDOqsAErbWc8q0DkgUECAQYAZIFBAgFGASgBi6AB6CbqHWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCy6TTSCAkIgOGAEBABGB-ACgHICwHYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItMjY2NTMyODc4NjQ0ODA1NxgA&sigh=57EQZHeYTkQ&uach_m=[UACH]&template_id=484

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Feb 2022 00:55:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame AEF1 19 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:25:33 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame AEF1 2 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:46:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEF1 124 KB
38 KB 97ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame AEF1 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6405
x-xss-protection: 0
server: cafe
etag: 2993485572248006277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:46:28 GMT

GET
H2 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame AEF1 28 KB
12 KB 116ms
48ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 10:18:59 GMT

GET
DATA 200
OK truncated
/ Frame 3E6B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d58f7813d37495a4c018c133b19aec08a8c0d1155558a62d37f285265f02ea48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BE8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
67ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Feb 2022 00:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Feb 2022 00:55:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Feb 2022 00:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 042A 35 KB
13 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665328786448057&output=html&h=280&slotname=2449112880&adk=2943988043&adf=484300504&pi=t.ma~as.2449112880&w=584&fwrn=4&fwrnh=100&lmt=1644972949&rafmt=1&psa=0&format=584x280&url=https%3A%2F%2Fwww.shiningapples.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644972949764&bpp=1&bdt=1044&idt=222&shv=r20220214&mjsv=m202202100101&ptt=9&saldr=aa&abxe=1&prev_fmts=379x280&correlator=1203681039267&frm=20&pv=1&ga_vid=1345035970.1644972950&ga_sid=1644972950&ga_hid=784676790&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31062423%2C31064842%2C31064019&oid=2&pvsid=4219858524424344&pem=252&tmod=1807051603&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fqgEGWrt9W&p=https%3A//www.shiningapples.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 19:51:18 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/4910348745643962454/ Frame AEF1 16 KB
16 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4910348745643962454/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5325aa4f851c1d4753ad8196f4290df550602fdf56cfec7cac990dc11753dcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 23:27:07 GMT
x-content-type-options: nosniff
age: 437324
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16790
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 12:50:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Feb 2023 23:27:07 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13028642976647191406/ Frame AEF1 790 B
817 B 39ms
39ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13028642976647191406/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6022e14eddb6b4746f32f9089d400bc06609ea43b99984741f48982621c5a339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 18:21:03 GMT
x-content-type-options: nosniff
age: 110088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 790
x-xss-protection: 0
last-modified: Mon, 30 Sep 2019 08:03:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 18:21:03 GMT

GET
DATA 200
OK truncated
/ Frame AEF1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 880300face1b4c16481628acb00d01e157fb240aa83f823cd3dc6cc90c25a8d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8013 6 KB
670 B 107ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:54:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 00:55:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 8013 2 KB
904 B 53ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:12:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 8013 19 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:25:33 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 8013 2 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:46:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8013 124 KB
38 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 8013 15 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6405
x-xss-protection: 0
server: cafe
etag: 2993485572248006277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:46:28 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame 8013 28 KB
11 KB 92ms
38ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 10:18:59 GMT

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 964B 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 19:51:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 94ms
49ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220214&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12ecba5c3de2936bf83806bd5b4ebb4dce0c3e445379ebd81df6dcb24c6a5ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9958
x-xss-protection: 0

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 182F 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: www.shiningapples.com
URL: https://www.shiningapples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 19:51:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 00:55:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC6F 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 21:59:28 GMT
expires: Wed, 15 Feb 2023 21:59:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 10583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F21 783 B
535 B 52ms
51ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

661e8ecda780da01bbece0155e5e95056a9f9951434314efb6f1c1748327e37c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z0Pv7Fzwihmf8e4vST4XTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Feb 2022 00:55:51 GMT
date: Wed, 16 Feb 2022 00:55:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Z0Pv7Fzwihmf8e4vST4XTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame DC6F 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 19:51:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F21 0
0 75ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220214&jk=4219858524424344&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC6F 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k5pDMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:55:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 590C 42 B
64 B 73ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTbcm4H8qo5MznWDQlU3KNHbR1bFcleDtAJEb2HjqvwFPzwzexJrMGuEU5e8zTE9l7R5k-8bILgl3MtWaNoK1nei20ekGaXOTHFnyIoZMh2-sOuzXABw&sai=AMfl-YSuEf2RFcNa6K_dutwfP_1mu9YAs5Zk0wUkX_T91h29Ky2q_g9TonN3LBThiiEGxT5vpW_e0ksm94x1&sig=Cg0ArKJSzE9guhiUkRqSEAE&id=ampim&o=1020,244&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=399&tls=1400&g=100&h=100&tt=1400&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2206259558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E6B 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzyYyxuP91Jvk1__-TzGROpGypbl_bISf9DmLw2QDsKFBK7zU8ifTPLSABg77beh3OvUBzCq-TXnZ-VsJnIAZVMSwavA52n234yjQombr5Q0MrkDp-4Q&sai=AMfl-YRi3E7WMVLCP8lAJ4Is1nfaudKkYJrvwqQABfTZj55XguMPNYsB81VVW8R7UtS36VHyOHGVDTXEqfHX&sig=Cg0ArKJSzLLxCGrZ1M4bEAE&id=lidar2&mcvt=1000&p=0,124,280,460&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2943988043&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644972949991&rpt=1338&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220214&jk=4219858524424344&bg=!Tk2lTQnNAAbAtJCDwLQ7ACkAdvg8Wko3fXxhy15njgj86EJSMyseQDGXG0aeWgyBSUJ9j4T5E_DtGQIAAABqUgAAAANoAQcKAFa2ZOZ0P9m1d5zm6RwYMHDzZ0Fhp9sVGxNObsq9FXiWBmn4mGjNPNhgGc-nuahKGRVNn5l6D04oUmqKOPkZsC-SPZ4V9KtfGypnUe1dMtKZ9Sn9qbU7mJkCwjbKmDvKsEvbLj13whV55QlVN-6luu3aCT7eJCRYNNl5YUBNWrKREa4txBAPaL3HYdEaPZ4BZSXu28ll0JceF9a0zvBXqx3a_JLqyH5U-k4zaDiPxGPH4XmGQu3yQPDPkomHh1qrTpa4CWD_Nn_q3vfbFv2wfpw3YvTDB-LBSHcV3iLcqozJEmVb35Jn6gHMq58agqA1XvlsCdWIq-CGihSn5xPjKgM9-z3fjKs1i2xXMAC9vfmghaCpfr1aScob9UFwhCfS4zrRNVXJzFlN2ryfp75Av6RUUm_JXwVKxOvWh-5nJW9SPc2Ub0Jenbrn7x1OZ1y2YkPF0E2Ff2G6eDHx7tJdgWhZGWDQuY1BO2RXwulooewKPeuSeZQ-eO4v9-X_D2wEUw9woGZJGzzQLE0wpe5by-Y6Zohzys4yyl5_Sxy5o0d-RfHq8BBGhH28LoAm9YQUQgWgIvT8cr19qAOkJjNpzc7krX24tffFPDz8lhksNI6oMX_Cg_0XQfvIvJa6WZvt2vwgeoAxovmJiEBg1X4Kc768tOkFXR7TEFlFjaVQc47zJJzmPh8fmf6O64gmXcumZjN5z1-G0NXo9-DvTNID55NIaBosy5lxwObzb3vFkKhCBsclUrL6lulbJulWTxxYdeU1oV0XklN8raxzroCJSl3V0kvKnoTgmYkwc6HLilBUT8cbXeK6OJ1dWDVCgO0-5QQ49JywMvpwKS_o-cvCXOmafJ5Nu8s9OelhR9qcU_v2AznAS-TleRgaFdywMQM2IZ1W50P3r_eRXWkOd2xFZCOTijvML992Q4P1fCG_jLsoXqheUB24BA9hvM-i5FIH9L6ooKzmVqdE9GHTCvTKrCdLPP7BFPsLBDA3j8e-aNF7TeZqARNTyFgQATyDNLy4OhhDZjhDFA5ff6jV9PZtl8Nsol8eXwLOUmxGaZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shiningapples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEF1 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrO23xAytE7TCorPkCQtmbHvvIkFZfUGHyNVVFI6TChEUi6sdLAg_-j07TzvjJZRxmDitEKGnTOQkp3aUhXMAbW509k24aJ7fm7lf4z7WoLWipMkYFSQ&sai=AMfl-YQFxMUwiKFHP2olF_MgFwh9YtLGCcI0BCAL3dBcBKqZG7jxEe7xB0rDQGM2olfm_6kqp15XEJjmvmmY&sig=Cg0ArKJSzCG5HvQ_3ZXSEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=106,755,1000,1021,1021&tos=106,649,245,21,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644972951174&rpt=304&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 00:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shiningapples.com
URL: http://shiningapples.com/responsive-css/stylesheet.css

Domain: shiningapples.com
URL: http://shiningapples.com/css/stylesheet.css

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.shiningapples.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: al03qnpd1eq7uoim55gv3j1vq3
.shiningapples.com/	1970-01-20 18:27:24	Name: _ga Value: GA1.2.1345035970.1644972950
.shiningapples.com/	1970-01-20 00:57:39	Name: _gid Value: GA1.2.605987267.1644972950
.shiningapples.com/	1970-01-20 00:56:13	Name: _gat Value: 1
.shiningapples.com/	1970-01-20 10:17:48	Name: __gads Value: ID=1c61aa7e982c29df-22897a3140cd0075:T=1644972950:RT=1644972950:S=ALNI_MZiOwUL3pNwyeEnV3lz25F8GP5Rqg
.doubleclick.net/	1970-01-20 10:17:48	Name: IDE Value: AHWqTUmBfeRZWcFeqAtKZssONqa7rh-rHiX_JftCColvjJltiytGjEvm-0Xl3SBPHg8
.doubleclick.net/	1970-01-20 00:56:16	Name: DSID Value: NO_DATA

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/images/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374219124article03.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374904843mens-health.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374904890women-health.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374905257kids-health.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374924559disease.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1375086092home_remedies.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.shiningapples.com/(Line 21) Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://shiningapples.com/responsive-css/stylesheet.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.shiningapples.com/(Line 22) Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://shiningapples.com/css/stylesheet.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.shiningapples.com/(Line 60) Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/images/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374219124article03.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374904843mens-health.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374904890women-health.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374905257kids-health.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1374924559disease.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.shiningapples.com/ Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://shiningapples.com/uploads/category/1375086092home_remedies.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js(Line 1) Message: Mixed Content: The page at 'https://www.shiningapples.com/' was loaded over HTTPS, but requested an insecure element 'http://www.shiningapples.com/images/heart.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2665328786448057&fa=1&ifi=5&uci=a!5&btvi=1&xpc=Tpbk7fuv0D&p=https%3A//www.shiningapples.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
clients1.google.com
cse.google.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
shiningapples.com
tpc.googlesyndication.com
track.seadform.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.shiningapples.com
shiningapples.com
103.83.81.74
142.250.184.226
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400e:801::200a
2a03:2880:f12d:181:face:b00c:0:25de
37.157.6.253
01cc01ddb458e84ff4655765214e8570d33faf1fd15318a5a0b388e3c9104ce8
03084328b0cf6e33d2f6d2956915e2ac98a34bc7781c8fbac7495858d749c28c
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
0b45ff9ff0ba01723ccb0267e3caa989898b26c8870aa634358b1fb966293c8c
0c17af0f675eb842a109c4779ba45d632e4528557e4f67b80c6428bbefcf8d5a
0d4ddd633cff5b6d694e99fb6968634d6f80a1489d30f1330204694289b87f7a
12ecba5c3de2936bf83806bd5b4ebb4dce0c3e445379ebd81df6dcb24c6a5ddb
1350011643ab1c79db20a7e3a12983eb543760f63b71b4373f351de8bba9b4ef
15046329c4596e379bfe66fc31b1e5f12ef69624b79e50ca665d95f75759d535
15962fa6990cd74da4b5108b93504de521eb18f88b9123cd57207619190272f4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e02d5756f20ea20d0606469921e58b6bf3747a3aec12dbfedfd8241c042197d
2008791c777138f224c07beb57303b78030f7b078da2446058e465b6735c36fa
21e0662702d63f01b77717e865fa97b7b5e71100aa56dff3a3742bfa1cd03da2
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2bec074717dac1ab3428912ef86f585beafd781ef793d879a0cee70e22cc8a18
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2f88ac2d40235b04006c06e3277be5f05968cbcb98981baa4039333642655eeb
30cf533541071fa480ef18481739d489230477126cbdfd2cb36cc854dcef25d9
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
33e0b07093b1d4f4674507b802cb47871087f5cc74ca89e46df5b3dd580b817b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
375c90d23ff2debed539582b3ca3675e2302765eb8f7c3c278d1bd3fcdc9d963
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
3eb965f3699518d8395cfb70d083643955fc2933fe9b4f969c3dc7ea4aedea90
407a72a25dc772b48c8e191ceccefda46f6e4e53f8f83fcd52cd78a5a45cf989
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5325aa4f851c1d4753ad8196f4290df550602fdf56cfec7cac990dc11753dcec
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
553e59eed7b30fda7f123c804ec8df575adb1780e23b403b141b2280b371a169
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e6356e1fb22f6183635bea695a5dc9362dcfa39a66dd8768332d62426c4a53
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb8b21eea4af1109e66c8fbed04552f8220874c3543592d1a1efc376397756a
600de2ff563196bc336f0613ad9c62a8dbff59f2115b0b807c92749194274ce5
6022e14eddb6b4746f32f9089d400bc06609ea43b99984741f48982621c5a339
6051cb2d07b60b2f9c48991c271ec10df1d7b7055ddf8129d42756f02572f413
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6296a67d5eab90038c66180fdecf319682116030a64148621fa979c0a08605d7
661e8ecda780da01bbece0155e5e95056a9f9951434314efb6f1c1748327e37c
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
6be6457447da340ddf106150f26c1560062acfc6a17ef3d8233d92d5ad113e31
6e32a092d84702f2ea0a0f0f9ecd26cda297261e86d115ead625cf68c82eb4ee
7338dd66c27fa6a3f03e11fb53a18d28418aced5eac3d0eecf64371c8dbc5d08
774478a0fff78270d4a8919de92b2ecef7e4e515554752f023fb0b1f2f80008a
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7f45735c60d62a9d690f19eb78ac9d4583d9b9d68e2c89ea277a9786b36767a9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
880300face1b4c16481628acb00d01e157fb240aa83f823cd3dc6cc90c25a8d4
8872429ac851bd3f3375b9a4089625fac3b66c4977e62cc9eca376682abc73c2
8aa747311ab238bcf379e5caf321595edd5c07e864b77a31ca7fbee0b50c495a
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b567eb29e22b0b767531226035ef2a1d4534f2414b9a3b5662fddb38a0cc727
8e17470abad88ac00fc86e29f370e1a9f8b176b8dff65e4e6dce20a46cd166e2
8fb3426629384176157731f7477af2f92e516b469b9fe35873c4f5f9cf683e49
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
9619dfba2fa346c8aa1c83d315e25c9e6cf246d0e422027a4e935b71dcd50727
974b3c016f5b31bd218ca0bda13b1c6cff18d5ff9acd80201fa8e98fd41111c7
980e776da23b58a374792f5fe9ee09a8835ef3d8abcf0c2d6c8189ee7af2a23a
989199a120f8523d7f243933d80dc5ab42383e147317f50e02f2ce489164e7bf
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5e8bb82f0e71456cda1aacc021fb8d452b2a56231f78e09384df4d9414d55f9
a823bdd2c637561241bf585ebbba7cbe3b03504bbe007315e72e1edb132debf5
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b15211969a8da8f0385f03ee81c424fc899e16d950a9a80cdd986fe675890b87
b3d48f9631d1f0bdc6afda4b3be123b482f413106a5afd1e9428f5c716ab7eae
b4764187ac4b7e91a2588faa78e4e0ccd900093f9b9abb62192afc07623b8671
be56ed3c51c1923ce2fb187158c71a028e4d4c137142ae3b05b458821956499f
c28bc90c021ed9a683d7435a41a93d36af248bb793dd78cc4bf9bac0917ea343
c6e2ebf505032e353f5ce2e6f832150018d460e871d377f5f2e9987372483321
ca49799b310ba660d7df9b0b357c66211526928062bb53909743cd7feb2c4a6b
d169cb8420d1ccd7d3cd5ccff8edf7e4ad1cc0bfad7b4310ebe4eb4e8717c5d8
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d58f7813d37495a4c018c133b19aec08a8c0d1155558a62d37f285265f02ea48
da962006dee2aca0a455e99d906f8943cba56d9c6ce42809f776323ba8e50872
dc35610639990e58d639888f267570217bf091282741abab1fb43dc2f6724502
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e8aabf03fd1cf75e8b94cdcad7c1af413dd6ef2b6821d08a11902f9047fcb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef353824488e3ae1c55bb8bcb9b3be580b82b499c8f4b09763438d5756ead8ce
f03e0f8fd4509b3710187724d068997c21f3931f756c6e6ae070b6fd583a6264
f5b43bbd1b691883f7b5a36110df96906fcb059c08184a833ae1dbe9c19bbe8f
fc2d36746ba3e9774dfdeb18544c22c25417bcd2888635b18b0025811b65efb2
fe11f6521ef8f2c53b8ba3c5ca6376f5eb62d0a70642c80292c7a5d7e983b948

www.shiningapples.com Open in urlscan Pro 103.83.81.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

83 %IPv6

13 Domains

20 Subdomains

19 IPs

5 Countries

1569 kBTransfer

3747 kBSize

7 Cookies

53 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.shiningapples.com Open in urlscan Pro
103.83.81.74 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

20
Subdomains

19
IPs

5
Countries

1569 kB
Transfer

3747 kB
Size

7
Cookies

125 HTTP transactions
3 data transactions