urlscan.io logo urlscan.io
SecurityTrails logo

toolguyd.com Open in urlscan Pro
2606:4700:3036::ac43:91c9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://toolguyd.com/
Effective URL: https://toolguyd.com/
Submission: On August 02 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 2 countries across 13 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3036::ac43:91c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is toolguyd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.
This is the only time toolguyd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2606:4700:3036::ac43:91c9 (United States)

ASN13335 (CLOUDFLARENET, US)
toolguyd.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i1.wp.com
i2.wp.com
i0.wp.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
3    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
15    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
25    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
2    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
ade.googlesyndication.com
Domain Requested by
25 s0.2mdn.net toolguyd.com
s0.2mdn.net
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 toolguyd.com 1 redirects toolguyd.com
10 tpc.googlesyndication.com 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
6 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net toolguyd.com
4 googleads.g.doubleclick.net 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
toolguyd.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 i1.wp.com toolguyd.com
4 www.googletagservices.com toolguyd.com
securepubads.g.doubleclick.net
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
3 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ade.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com toolguyd.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 i0.wp.com toolguyd.com
1 i2.wp.com toolguyd.com
1 pixel.wp.com toolguyd.com
1 stats.wp.com toolguyd.com
1 fonts.googleapis.com toolguyd.com
109 24
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-12 -
2022-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh

This page contains 12 frames:

Primary Page: https://toolguyd.com/
Frame ID: B8B6D7C6F4E771C1D530FD46433079A8
Requests: 41 HTTP requests in this frame

Frame: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E9CF25450A2D4CB52B1DD91A7EEC7C4D
Requests: 1 HTTP requests in this frame

Frame: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5685FF3F0556E8068934CA2D743AA66E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWkCWmm6EI0L8iQEYKt11UrF0DflHwtoWfw56JFIUi8qTch6Mnv0KOIutiJcpR22lW2rexss1-4JgkJGEVRhDE7SThWdQ
Frame ID: 53777F6ECE263601F05AFB1A07AC858B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5EFD353482F4B34731E7D8D02F5E8FC0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D07F6241E4EE5ED9DBAF1783A727254F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ABE4CEECB7E433BA75605698343129F5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9774257/838240618811665/index.html
Frame ID: 9860B0168D9B1C2AE5B6D8047704E4EA
Requests: 11 HTTP requests in this frame

Frame: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2851D8D75B71B0D5F4AB67E0FBDFAEDF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGL2r9ZQBMAE&v=APEucNXLBhJn4kmetSfLTi5OlqrRBObW0Kyf29FLiRiSrzGhaXxrd8oU-3Gia1k6vX3GAtvz7bS339w5pvxrIWl5ZZb8Al7fqA
Frame ID: CCFE8D6360F7BD5D6E292A4669DA4A32
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E448A2E345EB980BD6B042333DBA555
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9506911/1604308150708/index.html
Frame ID: 8037931A02084DB222281C98A7AA1DDB
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://toolguyd.com/ HTTP 301
    https://toolguyd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

109
Requests

100 %
HTTPS

67 %
IPv6

13
Domains

24
Subdomains

22
IPs

2
Countries

1198 kB
Transfer

2864 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://toolguyd.com/ HTTP 301
    https://toolguyd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Request Chain 54
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfRzZOygNMNWJ0wrMTragAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Request Chain 83
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Request Chain 84
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfRzZOygNMNWJ0wrMTragAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
toolguyd.com/
Redirect Chain
  • http://toolguyd.com/
  • https://toolguyd.com/
82 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07df2ad4f23c772a644f2be070d6a0467c1ba95bb3b26734074a04c3a75a8b37

Request headers

:method
GET
:authority
toolguyd.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-type
text/html; charset=UTF-8
link
<https://toolguyd.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/9WhiC>; rel=shortlink
cache-control
max-age=0
expires
Mon, 02 Aug 2021 11:06:51 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJIpRzlQKQONjPMKs%2BYPCbVABQw5vW2AW67J8g%2B3HdwrQA%2BZuVbc4RFnXgAmEXrEUpuE2BDTGzgtumA1vFhSTsQayUgXN8RU8yF5LIKOTtGEBXs1Bn%2Bvay%2FDSGXcH0YorLK8HrWh6qhkG7Q%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6786d6d1bf2e43b8-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Mon, 02 Aug 2021 11:06:50 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://toolguyd.com/
Cache-Control
max-age=0
Expires
Mon, 02 Aug 2021 11:06:50 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAluUVc0OxpqMBwglu5sRhcfvvRlHzGmfvjIIoh%2FYrmEOlWQD2ZAeshcHAgl7hwWX1W%2Bbw3owu%2FbRWbu1vejTQ8sn3%2FVKiKUa18upgGVMum7zqKFcexbW3Dl5xwiGOIgCH7ByFh4ZorwXjQ%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6786d6cfee704ed9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
autoptimize_749819ba9b467cf50e8674c50d771252.css
toolguyd.com/blog/wp-content/cache/autoptimize/css/ 		217 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2176798d89c5f39fc15b3fd857a4441dc0f4db1ce44206e7cafdb935235f89bb

Request headers

:path
/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
toolguyd.com
referer
https://toolguyd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 23:46:02 GMT
server
cloudflare
age
1077056
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hSGk7WA5Sg4SdYwPjiJMz9B1Vo3Dmjae3bWz%2B3b62jeXCW07kQMhyy61SQz%2BwKSF%2FmD96dED5thMmVpbAmj%2FJSc7boI3iaDRORSfRebk34XgANOkA9GloBgF1j39CrqlI2neNqyI17HUJU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d50e5b4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 10 Jul 2022 23:55:56 GMT
jquery.min.js
toolguyd.com/blog/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toolguyd.com/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
toolguyd.com
referer
https://toolguyd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 18:07:28 GMT
server
cloudflare
age
59428
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKxfE5aHvQI4bevPZ1zxYeNq8Yo9dIU1hyfFNiriB1bgA5%2BnLWFK7EiVpVFEE84V51SHO0tqajcbTwANV3sMwpsXW%2F53DR5xf9OP%2FobJ%2FPl1pNBLP%2FIZzu654xuJSD4w5YPqkOUXh4kbdAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d50e634ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 03 Aug 2021 18:36:24 GMT
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3908677-2
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
286640d601ccb869f0e04bac7ae081752f48341a43b8b8dcd2efd4e977bc377f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40451
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Aug 2021 11:06:51 GMT
css
fonts.googleapis.com/ 		1 KB
406 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C700&display=swap
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89f695af44ee1895cbeb94a67688064ba35d17a1988a5184eed30960fa27ba36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 10:08:29 GMT
server
ESF
date
Mon, 02 Aug 2021 11:06:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Aug 2021 11:06:51 GMT
e-202131.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202131.js
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 24 Jul 2022 22:55:22 GMT
autoptimize_a6b2d763a2033e8da92c1649d0796860.js
toolguyd.com/blog/wp-content/cache/autoptimize/js/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toolguyd.com/blog/wp-content/cache/autoptimize/js/autoptimize_a6b2d763a2033e8da92c1649d0796860.js
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff26d71f4535c44b64217a099b4c4d8c0a6300638e09a835479399e59e3c97e

Request headers

:path
/blog/wp-content/cache/autoptimize/js/autoptimize_a6b2d763a2033e8da92c1649d0796860.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
toolguyd.com
referer
https://toolguyd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Jul 2021 21:50:19 GMT
server
cloudflare
age
9960
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APv%2BtsdnkO65Q6CQKdA8FxCJA79EQBPtO6i4CqMvrjK6HSkoI005VKPcEe5h0ZRaXaL%2F7%2F1epGHkHSRd5C%2FkFVXbEhSGUobEvccs3QZhiEHeGHuzKhBIc0g9lXkxxE5a7afhEesy%2FnPklEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5afad4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 04 Aug 2021 08:20:51 GMT
wp-emoji-release.min.js
toolguyd.com/blog/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toolguyd.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
toolguyd.com
referer
https://toolguyd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 18:07:28 GMT
server
cloudflare
age
59427
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSUvQgNMB%2F%2BlTFfyxXj01hsH5JtLcObecDGeZWweu1%2B%2FuqSRDbmmeWeZsVg2hc6CXy%2F9jMF0TBBJD1GQeFd4xxYLFgoEOCZLJdyE498%2BpIB5h2UXEqVdr27HoTCJf7n006UldZwAJYIAyx4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5afae4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 03 Aug 2021 18:36:25 GMT
gpt.js
www.googletagservices.com/tag/js/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec2161918df41f1365e2ad9a9cb2d1c199defae5b7dbd93e14dc293872a4cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"946 / 200 of 1000 / last-modified: 1627683143"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24684
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:51 GMT
symbol-defs.svg
toolguyd.com/blog/wp-content/plugins/simple-social-icons/ 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://toolguyd.com/blog/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Request headers

:path
/blog/wp-content/plugins/simple-social-icons/symbol-defs.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
same-origin
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Apr 2020 03:21:38 GMT
server
cloudflare
age
90549
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH%2FB1aDUW4OHR2WUM9SrsA0tRyXTzfN0TgR9AbL%2BRQjhMvS2LCoLcluT2ozaoOZxdzTah%2FCP8iOQwFqudunl36KIyJk6EwdqSW99P1XDoQGRDyh1XMXffJrSJiz2p88Zlwo%2BQvDnmF2pz%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5afbb4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 03 Aug 2021 09:57:42 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
tglogo.svg
toolguyd.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/images/tglogo.svg
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea02d6860d38be238b71c164a9f22bba9f6feebc3df28bb7a29a66988bd19b8

Request headers

:path
/images/tglogo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 Mar 2021 01:46:06 GMT
server
cloudflare
age
89562
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOWc8l5kfHEc37piWdECYUJ3GLAWqSFgRnBMqqs3l0rlLHAlQCuYyvJST5f3mbfRR5rNz%2BGb6D9AR77rpLrRZbrOxMHspRaJEZln%2FOch7wwaHrRS31DJtHsaRSrHD8EcFvdOaZVh98kLnyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5afbf4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 03 Aug 2021 10:14:10 GMT
search-icon.png
toolguyd.com/blog/wp-content/themes/toolguyd/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/blog/wp-content/themes/toolguyd/images/search-icon.png
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda85cc307eb4b4fa2e2ba2ab5e711b4d0285ca79a60c5810584ddee29da7997

Request headers

:path
/blog/wp-content/themes/toolguyd/images/search-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
970137
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3180
last-modified
Wed, 18 Mar 2015 02:25:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6V2lottw4cTeqdzC5JUr2zbMiWbb%2Fd7RPd2Ubmbn5lHtkmKeFccZ3ajiBwUz6ozqYgm8N4%2BeSVDly6uvHGXnXEWIu%2FdqIi1yA5WC94XWoWxoG34OYYuNqOE2tUSjsJ4i0Hj0lyWITdU4NU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6786d6d5afc44ac3-FRA
expires
Sat, 21 Aug 2021 05:37:56 GMT
arrow-down.svg
toolguyd.com/blog/wp-content/themes/toolguyd/svg/ 		387 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/blog/wp-content/themes/toolguyd/svg/arrow-down.svg?v=4
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a09997b2b7c26efd6d1a3590951346d235408392b1a885f3c8412befa24484

Request headers

:path
/blog/wp-content/themes/toolguyd/svg/arrow-down.svg?v=4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Feb 2021 09:32:20 GMT
server
cloudflare
age
90431
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRvgFQ35a%2FAQUWHPVJ3Vg7bfZFOF2MMr3M0eFhACsX7dTbBT0g%2BvdyHAqQxs7ciy0qkgNj0GFnCWl8cTfIBrg%2By9bWVoF4xpTGzEGzhuT5ti8FrhVJQcKFCjzH2f2RQTDz2EgTQ6qZSjtcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5cff74ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 03 Aug 2021 09:59:41 GMT
clock.svg
toolguyd.com/blog/wp-content/themes/toolguyd/svg/ 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/blog/wp-content/themes/toolguyd/svg/clock.svg?v=3
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df8ef4e7728bcafa4ef67961cb55c067996dd9c721da26ec63e3cba975d2b94

Request headers

:path
/blog/wp-content/themes/toolguyd/svg/clock.svg?v=3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Feb 2021 07:56:13 GMT
server
cloudflare
age
11245
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4sY%2Fh%2FAd9%2FszLDGdReiW9ibm%2F2S6ToyPe8Q7sAY1A%2BRhervLgIjksemF3j7zlrbXZ0%2FrGN0kaMpYdrhj4ZkQL9RMEK7Zq8BIm5oNTVwJmA2hrgtC6RcDNmcLsCIktHrWgkMNMAcpqpfeNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5cffd4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 04 Aug 2021 07:59:26 GMT
authors.svg
toolguyd.com/blog/wp-content/themes/toolguyd/svg/ 		902 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/blog/wp-content/themes/toolguyd/svg/authors.svg?v=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8e1e9612c412c2ed9d439cfbf8f24742c4037e2cf2d4d20bf6895bf8f77444

Request headers

:path
/blog/wp-content/themes/toolguyd/svg/authors.svg?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Feb 2021 07:58:55 GMT
server
cloudflare
age
11245
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebS0RCtrXLqhaMmdycLE1M84SowE1rkDSRYWKhJxVLWqYzrqhNv8%2FBiInra5PLn61bzj%2F0RmukLYMq1IKZw4GGAP3Dj4CIv0xIbOJroLMjC4P7gI8lC6r9w2g5T0%2BEz0ZtD0kIACVRuHSis%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5e8314ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 04 Aug 2021 07:59:26 GMT
comments.svg
toolguyd.com/blog/wp-content/themes/toolguyd/svg/ 		500 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/blog/wp-content/themes/toolguyd/svg/comments.svg?v=4
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aba85cdb04bbf2be8769a01417e9f11915c1ec205e6cfc4d1f9db338756e5d7

Request headers

:path
/blog/wp-content/themes/toolguyd/svg/comments.svg?v=4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Feb 2021 07:56:04 GMT
server
cloudflare
age
90455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qoTMQZKLwt2Yb7joCdiBnLWM36xyqENkuHcitygV9f6ciwtCBVpMrCMF%2BfxmWQs%2FGihsIJePd9S4e4e1MEzSL4RAp%2Bd5T%2Flp04prBqCIAmA6UJUPP33VpAryOT3r%2FhXCDRnBHIV8OQOwss%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6786d6d5e83a4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 03 Aug 2021 09:59:16 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.9.1&blog=146876550&post=0&tz=-4&srv=toolguyd.com&host=toolguyd.com&ref=&fcp=0&rand=0.6220354905753205
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
icon_comment.png
toolguyd.com/blog/wp-content/themes/toolguyd/images/ 		626 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toolguyd.com/blog/wp-content/themes/toolguyd/images/icon_comment.png
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:91c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9932b507c87692d1dc97ddeb4107ae64f4492ab322178b7dd41469736428f159

Request headers

:path
/blog/wp-content/themes/toolguyd/images/icon_comment.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
toolguyd.com
referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://toolguyd.com/blog/wp-content/cache/autoptimize/css/autoptimize_749819ba9b467cf50e8674c50d771252.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
969544
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
626
last-modified
Tue, 05 Jun 2018 05:43:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIVc245GA9ZL5ERljdTvzawck6zsNLs0Zj1tM8Q8qAS3eA%2BGhRXNrIpw9xg7glCm8FaI9F2l4HlSLOlsgFd6dV6I4NMspAzNVT5vFR3UhA2AVch7Up65ai87pmhJMD35LSVcq3kgcXH67O8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=691200, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6786d6d6ea3e4ac3-FRA
expires
Sat, 21 Aug 2021 05:47:49 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://toolguyd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options
nosniff
age
527549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 08:34:22 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://toolguyd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options
nosniff
age
557410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:16:41 GMT
Delta-Scroll-Saw-40-694.jpg
i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/Delta-Scroll-Saw-40-694.jpg?resize=380%2C300&ssl=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b2c3a15bf90932a6f73f2f1b5f6fc2a68a5c20a72d3fc8957993b8c2e97a2454
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Aug 2021 02:14:09 GMT
server
nginx
etag
"0874565bfd4adb25"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://toolguyd.com/blog/wp-content/uploads/2021/07/Delta-Scroll-Saw-40-694.jpg>; rel="canonical"
content-length
11066
expires
Tue, 01 Aug 2023 14:14:09 GMT
Estwing-Website-2021.jpg
i2.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/Estwing-Website-2021.jpg?resize=380%2C300&ssl=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b6314cf1ec6c89f6d865583bfba53446f0d9d5bac48875ed065d8beeddbfa9c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Sat, 31 Jul 2021 15:25:51 GMT
server
nginx
etag
"ce06304bf80ca412"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://toolguyd.com/blog/wp-content/uploads/2021/07/Estwing-Website-2021.jpg>; rel="canonical"
content-length
6862
expires
Tue, 01 Aug 2023 03:25:51 GMT
Dewalt-Cordless-Miter-Saw-on-Stand.jpg
i0.wp.com/toolguyd.com/blog/wp-content/uploads/2015/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/toolguyd.com/blog/wp-content/uploads/2015/06/Dewalt-Cordless-Miter-Saw-on-Stand.jpg?resize=250%2C200&ssl=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
300f0a0c303c7c8cf3d661c432c2a2591415f2f647a488339087af16c90cd705
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 21:33:14 GMT
server
nginx
etag
"3bce2e5537c2a945"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://toolguyd.com/blog/wp-content/uploads/2015/06/Dewalt-Cordless-Miter-Saw-on-Stand.jpg>; rel="canonical"
content-length
8068
expires
Mon, 31 Jul 2023 09:33:14 GMT
Best-Pocket-Technician-Screwdrivers-for-Everyone.jpg
i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/Best-Pocket-Technician-Screwdrivers-for-Everyone.jpg?resize=380%2C300&ssl=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b6a8440388caec930724077d7c51afb85a7fe7919accd2262a8d47c2070fe19e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 18:12:33 GMT
server
nginx
etag
"2101c69282649b0b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://toolguyd.com/blog/wp-content/uploads/2021/07/Best-Pocket-Technician-Screwdrivers-for-Everyone.jpg>; rel="canonical"
content-length
10828
expires
Mon, 31 Jul 2023 06:12:33 GMT
Ka-Bar-1480SF-Space-Force-TDI-Knife-Over-Tech-Background.jpg
i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/Ka-Bar-1480SF-Space-Force-TDI-Knife-Over-Tech-Background.jpg?resize=380%2C300&ssl=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7220280c3d869c189c717a63b86f6225498eede86846871fea2d4cd0d976d629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 14:13:08 GMT
server
nginx
etag
"063c3bc7f4c54e82"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://toolguyd.com/blog/wp-content/uploads/2021/07/Ka-Bar-1480SF-Space-Force-TDI-Knife-Over-Tech-Background.jpg>; rel="canonical"
content-length
24714
expires
Mon, 31 Jul 2023 02:13:08 GMT
pubads_impl_2021072701.js
securepubads.g.doubleclick.net/gpt/ 		318 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Jul 2021 08:37:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113834
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		83 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=toolguyd.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
efb7c8ff814b911a5468dabc255818ab7e0baa22053a9067253c4326cd7801f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:51 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3908677-2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
5417
date
Mon, 02 Aug 2021 09:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 02 Aug 2021 11:36:34 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BE9QF1X3MS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3908677-2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8990f0f6372d8de7aa0deffd631bdcf6160186b208eb0f16f0a0aba25bfd7c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51068
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:51 GMT
Dewalt-ToughSeries-Tape-Measure-100-Foot-Drop-Resistance.jpg
i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/toolguyd.com/blog/wp-content/uploads/2021/07/Dewalt-ToughSeries-Tape-Measure-100-Foot-Drop-Resistance.jpg?resize=380%2C300&ssl=1
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8a8fe173fede199cae412dd645a674cd9ede4754d4d2e5f44fbc5210aaba9769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 01:41:18 GMT
server
nginx
etag
"9f2260b724463d43"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://toolguyd.com/blog/wp-content/uploads/2021/07/Dewalt-ToughSeries-Tape-Measure-100-Foot-Drop-Resistance.jpg>; rel="canonical"
content-length
35346
expires
Sun, 30 Jul 2023 13:41:18 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1589845484&t=pageview&_s=1&dl=https%3A%2F%2Ftoolguyd.com%2F&ul=en-us&de=UTF-8&dt=ToolGuyd%20%7C%20Tool%20Reviews%2C%20Deals%2C%20Industry%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2077868157&gjid=1305937105&cid=1054521717.1627902412&tid=UA-3908677-2&_gid=373110569.1627902412&_r=1&gtm=2ou7s0&z=777940743
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://toolguyd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BE9QF1X3MS&gtm=2oe7s0&_p=1589845484&sr=1600x1200&ul=en-us&cid=1054521717.1627902412&_s=1&dl=https%3A%2F%2Ftoolguyd.com%2F&dt=ToolGuyd%20%7C%20Tool%20Reviews%2C%20Deals%2C%20Industry%20News&sid=1627902411&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BE9QF1X3MS&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://toolguyd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=toolguyd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=toolguyd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 11:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=556206249233566&correlator=4273905259281780&output=ldjh&impl=fif&eid=31062031%2C31061964%2C20211866&vrg=2021072701&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=21253022%2CTooolGuyd_Site-Wide_ATF_Rectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1627902411&dt=1627902411918&dlt=1627902411022&idt=846&frm=20&biw=1600&bih=1200&oid=3&adxs=985&adys=212&adks=3077009389&ucis=1&channel=7610756718%2B2783604316&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftoolguyd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x250&msz=300x250&ga_vid=1054521717.1627902412&ga_sid=1627902412&ga_hid=1589845484&ga_fc=false&fws=4&ohw=330&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f5f3fb1604f09c9156556f82dddcd188e7e13d0d9585f104d428b880858ba019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7053
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://toolguyd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E9CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://toolguyd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://toolguyd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 11:06:51 GMT
expires
Tue, 02 Aug 2022 11:06:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=556206249233566&correlator=4273905259281780&output=ldjh&impl=fif&eid=31062031%2C31061964%2C20211866&vrg=2021072701&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=21253022%2CSeasonal-300-250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1627902411&dt=1627902411926&dlt=1627902411022&idt=846&frm=20&biw=1600&bih=1200&oid=3&adxs=985&adys=796&adks=1788092353&ucis=2&channel=4040011518%2B2783604316&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftoolguyd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x250&msz=300x250&ga_vid=1054521717.1627902412&ga_sid=1627902412&ga_hid=1589845484&ga_fc=false&fws=4&ohw=330&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
95d9e74033b110e9a96e5c65e88823ed0e5ba671f33c447ad9f0eb09c5b6312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7085
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://toolguyd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5685 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://toolguyd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://toolguyd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 11:06:51 GMT
expires
Tue, 02 Aug 2022 11:06:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644667915703"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44861583f107b3cbf608a4d89c111570ac1a1dee71c3afb80ada0adee6592ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 11:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8499
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5377 		478 B
564 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWkCWmm6EI0L8iQEYKt11UrF0DflHwtoWfw56JFIUi8qTch6Mnv0KOIutiJcpR22lW2rexss1-4JgkJGEVRhDE7SThWdQ
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWkCWmm6EI0L8iQEYKt11UrF0DflHwtoWfw56JFIUi8qTch6Mnv0KOIutiJcpR22lW2rexss1-4JgkJGEVRhDE7SThWdQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 02 Aug 2021 11:06:52 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnaVtiElYNUpDTPoRzjDzyZbeEC3dQFffyYkd4cmS1jXm0JJj5tUyJgrA5D; expires=Sat, 27-Aug-2022 11:06:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 02 Aug 2021 11:06:52 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5685 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdEJo4SwAYeSEBCrWESJajsCdeDO9K0qcSZYv7nJ0-fE_Y27XRzBXxfuMYuZ7Kg6vuVCySCSZdEFM5Uy3gepZkNCo0PVSF1myt7e-yZT1loQt9qgw0ZahtNEA9ybHQelHAR62ULZKvQ125dIH9ZlEQu0xL-g&dbm_d=AKAmf-Dq2SVTDzjHxKdzTR5XM0y9AnCDJMw5FIdGOr8rh9gB5yQbGDsfBpyw_Ntmj2GFeFPwsaMCzTdTJdIaRTBw1ZjqpdhQ-kYRT2A9DDxDR53nFIAn4VZRlc9SYscz1cec-ljzwv0AjyEYhRwIC0uFO3sE3A6sphPBXSIdOPbHnJ76McN1ooNTYNJMx1fFf6UP26HmEQUYi6WdfB3I41aV_VAVVkWU12oUeVlSFx4F7zDRjQGfjoIL9fvLhIXt4KOHzXFTj79HttZo9zmWHfPIfhQpH0C7d2gBE_Ggq8outaCJ6o4OiinyTXJzaWtu4N6v3pFwPzh7sCFXJFdSUN692k54hEuy1ngH6GFnBYz9Fftf4HxefeR8lVxzZXkw4C1xUOLhYejb_fA3CelyQ0L2axXn1YzPbSGhqJguyvcpprUYasiCw9CZ1S6RaTOk-0Hvkz9XSNzlBt46TgFmGoGq95UV4uh5qDQXkTK7gnwRULAQiyKaKYKVMSTEl7ITs_f_k_lXHbOR2QhbgnpL26M7cNX07wMjGJFBcz-SLDKFQQIPZECOR8viyuNS5EbyUmfzju0Z7BonY9hQdkVPGhtQU-kddJzGPFpl43icqtzmSJMveHe_FyyPJ3-5-Hh-pjaGBkvx5QTbr28u_UYxDojxMPRuHbxLSrgtKX1K0JC5O48NizoKbgEA72q2rQyEpsXb51GHoK7opOY2KNZv-_kysEd0-PPKmT08Jl6Fa-gQOIzwKcS26DKlo8B-7XXcZiJLpY0r5lgUq1fz5EdK0cPfPvkR7xkb-kMzugYL-U35D1AQenht1G-5d-Ag-QHvB13Wvp00BGxr4NEUjRr7jApjHMuJOo3nZinZmkGiH2tvjZZcCbnKS0NtFN4vdt1cqSpOlllKYibktzHMDTIwYAJWAxdwxwdYPI-qjJi7PHL0SSIv44-Q5jzr-YkceAYnEZCTFLTHk9bVD0xT9FoW249ITDc8X6WWBKKEoXp1I3Cvc-7Nh9dv62qjOWG45UyQzrcpWz2nW2-x4V2Di0oVjibfYuQ6TlDgVFHdRL-264HFSl7gp-1nyCmBMtuL3XdBx6oVPSGVeVXTqlU1EwSugkcnwfXpw230L2DGhWLZBDepZE5Ved5Aif2pe0zj-ze0hdH16DlFHqhmbsYhRG17XoJnUJFVKVuykgIkxmWdVPhB-lVdZbPCSsiiF0ty4La5wW1ZUi-Ipo50BHCWqCOL-zWUifEN0EcwZ5LCeBHlIH0Vr7e7VEW1Zyz5zhVelur7SYH7LT0x_O4M_riMA5m3hXCBFEY64_NeCR4hql2tSjZmQs3ZaxuwSNzlCFw9V66kTB_KGeejmRJtCGs7r0ATFMIbJC-bNbzc-5FYFDe4tCFlcMyQSenGW5oEq1_Ts1IfvxhoIF5YlVAt8Dr9YBcMRH8Un9h0eoaHLc64XT8WhhNZpBr-89fdIgfGWXOHLJla1_7GnnBPNWbN8iDhrOEXVecqk76QwRsatZYyecxIIccfK7v8qUsvVtk7QSgxiTNgNrU1X9bPnXMkUEjHPaIidv649NbI5RuONYqXs9IW3oJY6IOBiTuSaI6-GDt0e3EliyBgI0OtnIn-lbNugQ9MiWYEC0CjNEXG-al6oH3f-dUmCfBBcMmN8s4RXF1XOoLvkE5cxRskVUQhzDX52kjKPfjMlitVqEXRQpQM0rUqWOCHqMzgfRimRB8p9ot6PkegW_1lbvk4Ak1v8vAHQC-jFZUHweRrCSdcFdfJ6t7J8201iVl_L6mfSSwpxE2qDZXZ1AgyYFWt910ttnismol2xJyUxt3u_uvKlKSz4RakZCXj-9xv4KkY-uaOWzFacGzsZIYf6MgARjcWYu3MARwBWEnqbdgtssiQAwZdib3tMgI_9g2smH7kSOAmUyppYYDfgYTr4bVFo6AWcOIBiQAm-PGvcvTOEnSYooZWJQZuWVv7WmPLiufLpdH_qH41_LpUS9StU4l7mDrkaANYO3dok5HzNhVuiawR5F8fpdgXIODtdYKjo9n9tzba7Qr1t8jgTfj5P8UY0ZbEcqUqaxtF3GKnvaIqTipIImKf5E09p62Aa9IFl-ODfddDx3xGBbr5ToGNjRo7cHAuHEYNJFDN0Wa_nkQmYTbZYtXDL9jHYvPClqsTxsWbBHx2Qofoy3UOSefnsq3Ramj1zgNyTVOWwGcVwncsLngLq-Vp-_z-b6I92WpqHXyejKEvMSJol_qt6IReSX68V0-s2KrnKwoUtJIX1lSVhcL7OkQn7M7mZK6Xm7-rQo-BDaWFy94nMeIDKqAW_6pknmqnDDQ16tuLr3KOpfCazzpleQ66TmpkdDJKxsy2TJIE4bNwFE8X9nLsxfW_2lmNJRimLr-5Nn7lWR4uQQ8m-EzDeAHfEtSGSlHWLjoDvpUF_xhVEQ4UHfqL-qUWQoJDSbmX4hE8ucKkaKLNE4IszZpV0ccphlWhKpIzzc4PXzusxGmpvR0BSVv-2QoL2iV-UMbvedewRXCT1TSHXZKV4MzBl9TnYXfyrJREce4mcoY89RN12sMpQQm1D69ZXPCHvcxxJ53RWhPjTyxBNVOGYH7PumdnfJyZ2fnl7XrNCX4l0U_18AK6UvvFG9kDskU-hTXPcmbRFvovaVtzGdhj4DJ8vc8bU8u4dcETnI-2aqE0mhuy4gPktZhz6EdayoxWC9L7_QdP89OooAEnn4BbEsQUhTpptDKiOqkN_uuRIi2_GQ4hCDfJT7VkWTh5Gkcpa8_8xsn0uesJU2meBCwV1z6EeGKN0KyZK1T1rZU2PKWjydWwDeL9xlk2kwpGSh62E85UN914oQ3Cn-lBI4enT56OshZC-N_iyjvf3Mc23xe79NDuIdpX73RyZsRsvr3y2iR_IkuoLO-1CuExMviIXgqG5Yw0I6Cg2Sp4PG-0hjdfaaec1ogrG-ZE718iY_SCPNoHCn_jjgnm5j1l15V6wSAXqH7fucGm-bhPeCWLuOOefHitTZTudU6EzJ-aULPUtFZyFfkiv_n17MVXFjquA_rxXQ&cid=CAASFeRooaVy8i-Pk-UxWE-f8Xb08fbybg&rfl=1%2Chttps%253A%252F%252Ftoolguyd.com%252F%240
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2cf387d90a03ec4489ef2a9db4dbe81054413dd28b2cacb23c8705d49d2133a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24559
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5685 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dm_JAghzsMXehdWvjcUcpUoODThCszwWZqWCm1qoF68K2ZPGXK4T0skAaezyMsBiPXLmb-_LdFYZWttrLcdOyNyM-pqwbgIRfCU3CNYmOmmy2DQwk
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 5685 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:05:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5685 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644660751711"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 5685 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:05:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:52 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 5685 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 10:46:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 5685 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdEJo4SwAYeSEBCrWESJajsCdeDO9K0qcSZYv7nJ0-fE_Y27XRzBXxfuMYuZ7Kg6vuVCySCSZdEFM5Uy3gepZkNCo0PVSF1myt7e-yZT1loQt9qgw0ZahtNEA9ybHQelHAR62ULZKvQ125dIH9ZlEQu0xL-g&dbm_d=AKAmf-Dq2SVTDzjHxKdzTR5XM0y9AnCDJMw5FIdGOr8rh9gB5yQbGDsfBpyw_Ntmj2GFeFPwsaMCzTdTJdIaRTBw1ZjqpdhQ-kYRT2A9DDxDR53nFIAn4VZRlc9SYscz1cec-ljzwv0AjyEYhRwIC0uFO3sE3A6sphPBXSIdOPbHnJ76McN1ooNTYNJMx1fFf6UP26HmEQUYi6WdfB3I41aV_VAVVkWU12oUeVlSFx4F7zDRjQGfjoIL9fvLhIXt4KOHzXFTj79HttZo9zmWHfPIfhQpH0C7d2gBE_Ggq8outaCJ6o4OiinyTXJzaWtu4N6v3pFwPzh7sCFXJFdSUN692k54hEuy1ngH6GFnBYz9Fftf4HxefeR8lVxzZXkw4C1xUOLhYejb_fA3CelyQ0L2axXn1YzPbSGhqJguyvcpprUYasiCw9CZ1S6RaTOk-0Hvkz9XSNzlBt46TgFmGoGq95UV4uh5qDQXkTK7gnwRULAQiyKaKYKVMSTEl7ITs_f_k_lXHbOR2QhbgnpL26M7cNX07wMjGJFBcz-SLDKFQQIPZECOR8viyuNS5EbyUmfzju0Z7BonY9hQdkVPGhtQU-kddJzGPFpl43icqtzmSJMveHe_FyyPJ3-5-Hh-pjaGBkvx5QTbr28u_UYxDojxMPRuHbxLSrgtKX1K0JC5O48NizoKbgEA72q2rQyEpsXb51GHoK7opOY2KNZv-_kysEd0-PPKmT08Jl6Fa-gQOIzwKcS26DKlo8B-7XXcZiJLpY0r5lgUq1fz5EdK0cPfPvkR7xkb-kMzugYL-U35D1AQenht1G-5d-Ag-QHvB13Wvp00BGxr4NEUjRr7jApjHMuJOo3nZinZmkGiH2tvjZZcCbnKS0NtFN4vdt1cqSpOlllKYibktzHMDTIwYAJWAxdwxwdYPI-qjJi7PHL0SSIv44-Q5jzr-YkceAYnEZCTFLTHk9bVD0xT9FoW249ITDc8X6WWBKKEoXp1I3Cvc-7Nh9dv62qjOWG45UyQzrcpWz2nW2-x4V2Di0oVjibfYuQ6TlDgVFHdRL-264HFSl7gp-1nyCmBMtuL3XdBx6oVPSGVeVXTqlU1EwSugkcnwfXpw230L2DGhWLZBDepZE5Ved5Aif2pe0zj-ze0hdH16DlFHqhmbsYhRG17XoJnUJFVKVuykgIkxmWdVPhB-lVdZbPCSsiiF0ty4La5wW1ZUi-Ipo50BHCWqCOL-zWUifEN0EcwZ5LCeBHlIH0Vr7e7VEW1Zyz5zhVelur7SYH7LT0x_O4M_riMA5m3hXCBFEY64_NeCR4hql2tSjZmQs3ZaxuwSNzlCFw9V66kTB_KGeejmRJtCGs7r0ATFMIbJC-bNbzc-5FYFDe4tCFlcMyQSenGW5oEq1_Ts1IfvxhoIF5YlVAt8Dr9YBcMRH8Un9h0eoaHLc64XT8WhhNZpBr-89fdIgfGWXOHLJla1_7GnnBPNWbN8iDhrOEXVecqk76QwRsatZYyecxIIccfK7v8qUsvVtk7QSgxiTNgNrU1X9bPnXMkUEjHPaIidv649NbI5RuONYqXs9IW3oJY6IOBiTuSaI6-GDt0e3EliyBgI0OtnIn-lbNugQ9MiWYEC0CjNEXG-al6oH3f-dUmCfBBcMmN8s4RXF1XOoLvkE5cxRskVUQhzDX52kjKPfjMlitVqEXRQpQM0rUqWOCHqMzgfRimRB8p9ot6PkegW_1lbvk4Ak1v8vAHQC-jFZUHweRrCSdcFdfJ6t7J8201iVl_L6mfSSwpxE2qDZXZ1AgyYFWt910ttnismol2xJyUxt3u_uvKlKSz4RakZCXj-9xv4KkY-uaOWzFacGzsZIYf6MgARjcWYu3MARwBWEnqbdgtssiQAwZdib3tMgI_9g2smH7kSOAmUyppYYDfgYTr4bVFo6AWcOIBiQAm-PGvcvTOEnSYooZWJQZuWVv7WmPLiufLpdH_qH41_LpUS9StU4l7mDrkaANYO3dok5HzNhVuiawR5F8fpdgXIODtdYKjo9n9tzba7Qr1t8jgTfj5P8UY0ZbEcqUqaxtF3GKnvaIqTipIImKf5E09p62Aa9IFl-ODfddDx3xGBbr5ToGNjRo7cHAuHEYNJFDN0Wa_nkQmYTbZYtXDL9jHYvPClqsTxsWbBHx2Qofoy3UOSefnsq3Ramj1zgNyTVOWwGcVwncsLngLq-Vp-_z-b6I92WpqHXyejKEvMSJol_qt6IReSX68V0-s2KrnKwoUtJIX1lSVhcL7OkQn7M7mZK6Xm7-rQo-BDaWFy94nMeIDKqAW_6pknmqnDDQ16tuLr3KOpfCazzpleQ66TmpkdDJKxsy2TJIE4bNwFE8X9nLsxfW_2lmNJRimLr-5Nn7lWR4uQQ8m-EzDeAHfEtSGSlHWLjoDvpUF_xhVEQ4UHfqL-qUWQoJDSbmX4hE8ucKkaKLNE4IszZpV0ccphlWhKpIzzc4PXzusxGmpvR0BSVv-2QoL2iV-UMbvedewRXCT1TSHXZKV4MzBl9TnYXfyrJREce4mcoY89RN12sMpQQm1D69ZXPCHvcxxJ53RWhPjTyxBNVOGYH7PumdnfJyZ2fnl7XrNCX4l0U_18AK6UvvFG9kDskU-hTXPcmbRFvovaVtzGdhj4DJ8vc8bU8u4dcETnI-2aqE0mhuy4gPktZhz6EdayoxWC9L7_QdP89OooAEnn4BbEsQUhTpptDKiOqkN_uuRIi2_GQ4hCDfJT7VkWTh5Gkcpa8_8xsn0uesJU2meBCwV1z6EeGKN0KyZK1T1rZU2PKWjydWwDeL9xlk2kwpGSh62E85UN914oQ3Cn-lBI4enT56OshZC-N_iyjvf3Mc23xe79NDuIdpX73RyZsRsvr3y2iR_IkuoLO-1CuExMviIXgqG5Yw0I6Cg2Sp4PG-0hjdfaaec1ogrG-ZE718iY_SCPNoHCn_jjgnm5j1l15V6wSAXqH7fucGm-bhPeCWLuOOefHitTZTudU6EzJ-aULPUtFZyFfkiv_n17MVXFjquA_rxXQ&cid=CAASFeRooaVy8i-Pk-UxWE-f8Xb08fbybg&rfl=1%2Chttps%253A%252F%252Ftoolguyd.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:01:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 5685 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdEJo4SwAYeSEBCrWESJajsCdeDO9K0qcSZYv7nJ0-fE_Y27XRzBXxfuMYuZ7Kg6vuVCySCSZdEFM5Uy3gepZkNCo0PVSF1myt7e-yZT1loQt9qgw0ZahtNEA9ybHQelHAR62ULZKvQ125dIH9ZlEQu0xL-g&dbm_d=AKAmf-Dq2SVTDzjHxKdzTR5XM0y9AnCDJMw5FIdGOr8rh9gB5yQbGDsfBpyw_Ntmj2GFeFPwsaMCzTdTJdIaRTBw1ZjqpdhQ-kYRT2A9DDxDR53nFIAn4VZRlc9SYscz1cec-ljzwv0AjyEYhRwIC0uFO3sE3A6sphPBXSIdOPbHnJ76McN1ooNTYNJMx1fFf6UP26HmEQUYi6WdfB3I41aV_VAVVkWU12oUeVlSFx4F7zDRjQGfjoIL9fvLhIXt4KOHzXFTj79HttZo9zmWHfPIfhQpH0C7d2gBE_Ggq8outaCJ6o4OiinyTXJzaWtu4N6v3pFwPzh7sCFXJFdSUN692k54hEuy1ngH6GFnBYz9Fftf4HxefeR8lVxzZXkw4C1xUOLhYejb_fA3CelyQ0L2axXn1YzPbSGhqJguyvcpprUYasiCw9CZ1S6RaTOk-0Hvkz9XSNzlBt46TgFmGoGq95UV4uh5qDQXkTK7gnwRULAQiyKaKYKVMSTEl7ITs_f_k_lXHbOR2QhbgnpL26M7cNX07wMjGJFBcz-SLDKFQQIPZECOR8viyuNS5EbyUmfzju0Z7BonY9hQdkVPGhtQU-kddJzGPFpl43icqtzmSJMveHe_FyyPJ3-5-Hh-pjaGBkvx5QTbr28u_UYxDojxMPRuHbxLSrgtKX1K0JC5O48NizoKbgEA72q2rQyEpsXb51GHoK7opOY2KNZv-_kysEd0-PPKmT08Jl6Fa-gQOIzwKcS26DKlo8B-7XXcZiJLpY0r5lgUq1fz5EdK0cPfPvkR7xkb-kMzugYL-U35D1AQenht1G-5d-Ag-QHvB13Wvp00BGxr4NEUjRr7jApjHMuJOo3nZinZmkGiH2tvjZZcCbnKS0NtFN4vdt1cqSpOlllKYibktzHMDTIwYAJWAxdwxwdYPI-qjJi7PHL0SSIv44-Q5jzr-YkceAYnEZCTFLTHk9bVD0xT9FoW249ITDc8X6WWBKKEoXp1I3Cvc-7Nh9dv62qjOWG45UyQzrcpWz2nW2-x4V2Di0oVjibfYuQ6TlDgVFHdRL-264HFSl7gp-1nyCmBMtuL3XdBx6oVPSGVeVXTqlU1EwSugkcnwfXpw230L2DGhWLZBDepZE5Ved5Aif2pe0zj-ze0hdH16DlFHqhmbsYhRG17XoJnUJFVKVuykgIkxmWdVPhB-lVdZbPCSsiiF0ty4La5wW1ZUi-Ipo50BHCWqCOL-zWUifEN0EcwZ5LCeBHlIH0Vr7e7VEW1Zyz5zhVelur7SYH7LT0x_O4M_riMA5m3hXCBFEY64_NeCR4hql2tSjZmQs3ZaxuwSNzlCFw9V66kTB_KGeejmRJtCGs7r0ATFMIbJC-bNbzc-5FYFDe4tCFlcMyQSenGW5oEq1_Ts1IfvxhoIF5YlVAt8Dr9YBcMRH8Un9h0eoaHLc64XT8WhhNZpBr-89fdIgfGWXOHLJla1_7GnnBPNWbN8iDhrOEXVecqk76QwRsatZYyecxIIccfK7v8qUsvVtk7QSgxiTNgNrU1X9bPnXMkUEjHPaIidv649NbI5RuONYqXs9IW3oJY6IOBiTuSaI6-GDt0e3EliyBgI0OtnIn-lbNugQ9MiWYEC0CjNEXG-al6oH3f-dUmCfBBcMmN8s4RXF1XOoLvkE5cxRskVUQhzDX52kjKPfjMlitVqEXRQpQM0rUqWOCHqMzgfRimRB8p9ot6PkegW_1lbvk4Ak1v8vAHQC-jFZUHweRrCSdcFdfJ6t7J8201iVl_L6mfSSwpxE2qDZXZ1AgyYFWt910ttnismol2xJyUxt3u_uvKlKSz4RakZCXj-9xv4KkY-uaOWzFacGzsZIYf6MgARjcWYu3MARwBWEnqbdgtssiQAwZdib3tMgI_9g2smH7kSOAmUyppYYDfgYTr4bVFo6AWcOIBiQAm-PGvcvTOEnSYooZWJQZuWVv7WmPLiufLpdH_qH41_LpUS9StU4l7mDrkaANYO3dok5HzNhVuiawR5F8fpdgXIODtdYKjo9n9tzba7Qr1t8jgTfj5P8UY0ZbEcqUqaxtF3GKnvaIqTipIImKf5E09p62Aa9IFl-ODfddDx3xGBbr5ToGNjRo7cHAuHEYNJFDN0Wa_nkQmYTbZYtXDL9jHYvPClqsTxsWbBHx2Qofoy3UOSefnsq3Ramj1zgNyTVOWwGcVwncsLngLq-Vp-_z-b6I92WpqHXyejKEvMSJol_qt6IReSX68V0-s2KrnKwoUtJIX1lSVhcL7OkQn7M7mZK6Xm7-rQo-BDaWFy94nMeIDKqAW_6pknmqnDDQ16tuLr3KOpfCazzpleQ66TmpkdDJKxsy2TJIE4bNwFE8X9nLsxfW_2lmNJRimLr-5Nn7lWR4uQQ8m-EzDeAHfEtSGSlHWLjoDvpUF_xhVEQ4UHfqL-qUWQoJDSbmX4hE8ucKkaKLNE4IszZpV0ccphlWhKpIzzc4PXzusxGmpvR0BSVv-2QoL2iV-UMbvedewRXCT1TSHXZKV4MzBl9TnYXfyrJREce4mcoY89RN12sMpQQm1D69ZXPCHvcxxJ53RWhPjTyxBNVOGYH7PumdnfJyZ2fnl7XrNCX4l0U_18AK6UvvFG9kDskU-hTXPcmbRFvovaVtzGdhj4DJ8vc8bU8u4dcETnI-2aqE0mhuy4gPktZhz6EdayoxWC9L7_QdP89OooAEnn4BbEsQUhTpptDKiOqkN_uuRIi2_GQ4hCDfJT7VkWTh5Gkcpa8_8xsn0uesJU2meBCwV1z6EeGKN0KyZK1T1rZU2PKWjydWwDeL9xlk2kwpGSh62E85UN914oQ3Cn-lBI4enT56OshZC-N_iyjvf3Mc23xe79NDuIdpX73RyZsRsvr3y2iR_IkuoLO-1CuExMviIXgqG5Yw0I6Cg2Sp4PG-0hjdfaaec1ogrG-ZE718iY_SCPNoHCn_jjgnm5j1l15V6wSAXqH7fucGm-bhPeCWLuOOefHitTZTudU6EzJ-aULPUtFZyFfkiv_n17MVXFjquA_rxXQ&cid=CAASFeRooaVy8i-Pk-UxWE-f8Xb08fbybg&rfl=1%2Chttps%253A%252F%252Ftoolguyd.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9340
x-xss-protection
0
server
cafe
etag
14963318235020188028
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:04:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5EFD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://toolguyd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://toolguyd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 02 Aug 2021 11:04:40 GMT
expires
Tue, 02 Aug 2022 11:04:40 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D07F 		783 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cef58fc6bec3a346e6d370b60384fd876a5a4380b5a8d05ed3a9b40726ce47aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9SD6HsFNa7uwfTecB1w5Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://toolguyd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://toolguyd.com/

Response headers

expires
Mon, 02 Aug 2021 11:06:53 GMT
date
Mon, 02 Aug 2021 11:06:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9SD6HsFNa7uwfTecB1w5Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 5377 		170 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWkCWmm6EI0L8iQEYKt11UrF0DflHwtoWfw56JFIUi8qTch6Mnv0KOIutiJcpR22lW2rexss1-4JgkJGEVRhDE7SThWdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5377
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWkCWmm6EI0L8iQEYKt11UrF0DflHwtoWfw56JFIUi8qTch6Mnv0KOIutiJcpR22lW2rexss1-4JgkJGEVRhDE7SThWdQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 11:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 11:06:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5377
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfRzZOygNMNWJ0wrMTragAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWkCWmm6EI0L8iQEYKt11UrF0DflHwtoWfw56JFIUi8qTch6Mnv0KOIutiJcpR22lW2rexss1-4JgkJGEVRhDE7SThWdQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 11:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 11:06:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5685 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
truncated
/ Frame 5685 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd361a3bc8dc3ab4eb4aec799bcbef83f735e51fb365822382bdd54f38d38472

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ABE4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9774257/838240618811665/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da3f2897ed228fd79113094730d29a4d341d9c3596d33a4c23fc5bf0cec936a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9774257/838240618811665/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4437
date
Sun, 01 Aug 2021 21:20:34 GMT
expires
Mon, 02 Aug 2021 21:20:34 GMT
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
49579
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5685 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8T9EoneX2wmsUdhMRzyNygvWKNXlA0gqNhcLofjqxw7ioolLoavudD2nG5yws9JOb4Eebtw16VaP4Eaj_-_NcAQcpJ6yACujIfe4-8I11r3auTzX-sOtsu9BVytr4wffbEi2JJIEgVG7a727bKVnslxLKbBpD94efMacCazdeLAkLwkMOOGxsvCEYU6i1JG_bmgEZn1MinhjYwRImjWuNHIeYAOa_H4fwMWUAw8JWKiQ4bTX5G5LyG_WYDA61OUOu-vEYImtfwh94LV8G0vMtV58P4Ff9dpcQT_UWnPs1VY6sdfdjs9V7g7aDI09XxueKSJagZqkSGiWNgiKimnvMCkMmlma2jxOF5ZUpOiuMWJJL7ftnq32NznC9bKw_FszrobfInwXcM1Ni1jgaTSFW-fGwXI9ksNh2goPHCM6Aew1dBu6Lw0EkksRoIjgvP1QmdT8H1o1pqA2ju3Oz-xWrC95VTj7HGvHonPbb_gwLVtB5T707uK7fejgr41pPumSn_2-auWtP_HkZPjvRelar42vONcCHhgx-yYgjmdoub877-zSj9b8zxfKzMp3K4Jt54F2_TumNBRTvstZ7Z5Z5UW9hDTOKK3W6lDvzKO7QFH4NTsNwvg1eurfitzBKEcbHkDJdQYzJbZZfKveKASmmBZ_9ld5cjYlXgc1sYEn7vgP8i0r3fGWxu1R8eiGDdsoZZE5SHdFuLZs9Ak3fQJQgH1vSsrk2-_zDBhWelmBmS4qDjkqWPsFKe45LSBEa1v4YDGYJK0tRJGJuatj5QJNwumPJXeMQLQpuEkdgah_1b7oXXkLH8Cln1OVm2Zxa9SzPihbfk0wE0x5-F2tTpBNmZB4FoCYxcTtQPlPkX6OaK678WQHJhUVWjXlOib_V8am7-9_tH1Ym2vJxzqXtKobHG731VnLoOPMlzsFq5WVdKlDlWPRNqyv9DqNuUCDKNW-FFvjSdAy3vjmBMLaVF3QvRr7cF7nIP5UCHNMblVv4XlwjdO5xB_G0ASwHSl7Yfm9ubGu-xOpQEkBr5hr8bWiPI4gWKKk2SzpKZdJMdsj1deWyIJ843dpa8W7uePvqW1BlEANwV3eJ6Zg2r9Ixfb59Vxqee3S0ASzDbMMuyyVu0xK3r0884pPCdCIGJRUw7bLnqQ&sai=AMfl-YTS801x5ahwmnY4jE8EISfmwVzF6aIPLwz1LcxcCTVCoiJTvL07y2KNt75wLZEwfabeG2aYfvaiKoRYlfHBwv8OOxJ8EiW9xf5_3qDVX-R0f6tpNpgiLfXQGF89ELkGofZkG8gBLpq2xho-ucQiJpDHEbkOSLuDGCXCehQ&sig=Cg0ArKJSzKnDjou9ocAbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=209&cbvp=1&cstd=205&cisv=r20210728.85034&adurl=
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 02 Aug 2021 11:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 5EFD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
174343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame ABE4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
174343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
HYPE-736.thin.min.js
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9774257/838240618811665/HYPE-736.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24549
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
streak_red.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		242 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/streak_red.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d669848f9f0c0cbcc426aa4e3ffb853aa1388e1775aab0604d1a115749c10e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
fireworks_large_2.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		17 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/fireworks_large_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75649a4d283510ac94c606b4caff999bf702a30c6eed611db9480bfdac9dd95b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6783
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
Sunrise-red.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/Sunrise-red.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54197fb4d107c2359625a8db4a7a0d2c63b4e5868380ee346d87d9b1928285cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1705
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
streak_yellow.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		256 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/streak_yellow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de245c18fe5f7c9719b55d162a9d23dbf575829e0e9935004438add727f386cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
212
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
fireworks_small_3.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/fireworks_small_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aff86ff3c89779360b9a7bebd8b1192089c68e7c94a1006f1b2b1083ed24da83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
bubble_en.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		18 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/bubble_en.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
119c4fa0c29b6ec11ef4449b93e690989ad5dc52db4ff1ca13976319b4fa4198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6129
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
headline_en.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/headline_en.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c8350fc3d0c611323c0ef4e6152c171b7abbd8f7ed5d548aa58ef7540fe2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4435
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
subline_en.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		16 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/subline_en.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
781b52eda5cf7cc4646ec99b5b7808a7079421723f319fc6be8527c4bb8a1639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4851
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
cta_en.svg
s0.2mdn.net/9774257/838240618811665/ Frame 9860 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9774257/838240618811665/cta_en.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838240618811665/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33f8c554f38ee83780ec65cf06a15f7bad8f9c81c1c52ae0ab34b576f25596b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9774257/838240618811665/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 21:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2105
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 10:19:58 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 02 Aug 2021 21:20:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5685 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8T9EoneX2wmsUdhMRzyNygvWKNXlA0gqNhcLofjqxw7ioolLoavudD2nG5yws9JOb4Eebtw16VaP4Eaj_-_NcAQcpJ6yACujIfe4-8I11r3auTzX-sOtsu9BVytr4wffbEi2JJIEgVG7a727bKVnslxLKbBpD94efMacCazdeLAkLwkMOOGxsvCEYU6i1JG_bmgEZn1MinhjYwRImjWuNHIeYAOa_H4fwMWUAw8JWKiQ4bTX5G5LyG_WYDA61OUOu-vEYImtfwh94LV8G0vMtV58P4Ff9dpcQT_UWnPs1VY6sdfdjs9V7g7aDI09XxueKSJagZqkSGiWNgiKimnvMCkMmlma2jxOF5ZUpOiuMWJJL7ftnq32NznC9bKw_FszrobfInwXcM1Ni1jgaTSFW-fGwXI9ksNh2goPHCM6Aew1dBu6Lw0EkksRoIjgvP1QmdT8H1o1pqA2ju3Oz-xWrC95VTj7HGvHonPbb_gwLVtB5T707uK7fejgr41pPumSn_2-auWtP_HkZPjvRelar42vONcCHhgx-yYgjmdoub877-zSj9b8zxfKzMp3K4Jt54F2_TumNBRTvstZ7Z5Z5UW9hDTOKK3W6lDvzKO7QFH4NTsNwvg1eurfitzBKEcbHkDJdQYzJbZZfKveKASmmBZ_9ld5cjYlXgc1sYEn7vgP8i0r3fGWxu1R8eiGDdsoZZE5SHdFuLZs9Ak3fQJQgH1vSsrk2-_zDBhWelmBmS4qDjkqWPsFKe45LSBEa1v4YDGYJK0tRJGJuatj5QJNwumPJXeMQLQpuEkdgah_1b7oXXkLH8Cln1OVm2Zxa9SzPihbfk0wE0x5-F2tTpBNmZB4FoCYxcTtQPlPkX6OaK678WQHJhUVWjXlOib_V8am7-9_tH1Ym2vJxzqXtKobHG731VnLoOPMlzsFq5WVdKlDlWPRNqyv9DqNuUCDKNW-FFvjSdAy3vjmBMLaVF3QvRr7cF7nIP5UCHNMblVv4XlwjdO5xB_G0ASwHSl7Yfm9ubGu-xOpQEkBr5hr8bWiPI4gWKKk2SzpKZdJMdsj1deWyIJ843dpa8W7uePvqW1BlEANwV3eJ6Zg2r9Ixfb59Vxqee3S0ASzDbMMuyyVu0xK3r0884pPCdCIGJRUw7bLnqQ&sai=AMfl-YTS801x5ahwmnY4jE8EISfmwVzF6aIPLwz1LcxcCTVCoiJTvL07y2KNt75wLZEwfabeG2aYfvaiKoRYlfHBwv8OOxJ8EiW9xf5_3qDVX-R0f6tpNpgiLfXQGF89ELkGofZkG8gBLpq2xho-ucQiJpDHEbkOSLuDGCXCehQ&sig=Cg0ArKJSzKnDjou9ocAbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&vt=11&dtpt=182&dett=3&cstd=205&cisv=r20210728.85034&adurl=
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 11:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
container.html
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2851 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://toolguyd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://toolguyd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 11:06:51 GMT
expires
Tue, 02 Aug 2022 11:06:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame CCFE 		478 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGL2r9ZQBMAE&v=APEucNXLBhJn4kmetSfLTi5OlqrRBObW0Kyf29FLiRiSrzGhaXxrd8oU-3Gia1k6vX3GAtvz7bS339w5pvxrIWl5ZZb8Al7fqA
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJjjZhCPtKICGL2r9ZQBMAE&v=APEucNXLBhJn4kmetSfLTi5OlqrRBObW0Kyf29FLiRiSrzGhaXxrd8oU-3Gia1k6vX3GAtvz7bS339w5pvxrIWl5ZZb8Al7fqA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk8t1yQZlY6tzETyEpGwXanpsMrjrkmflgQXXNayvV6NPYFUaxPBtbDIDhnnzk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 02 Aug 2021 11:06:53 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 02 Aug 2021 11:06:53 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2851 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb49SgCIFGVW_7A4z8laXOPxJLiutDKYXtIjX0jxyRLmYpjnfTwFQUxnhkmDPb4thvAelfFH2mg1UvwogCInV47QspmdEKk15ncPcS5SKIATkciWeejmdqIACxN75fKlwZhsaC9uY2gtg0EPwA1CuhhlzyMg&dbm_d=AKAmf-ACLXr4XUbBVRT-uZr3udU4WCyx7HXmZR-9vfoof87IGECmASiVzgqodMFPLVkY5FvsYZVp7yCGoeUPvgMFj9gEMB2o89JnvpQ2V3BGPDD3zZB8aDw5jtC6iN7wjGPEP4wAFEqP0xrd_h0SjmLQCthCDkq5CDSSMCqW7Wbh6jEpPo185nIY1zxKWUJcGXK0KZXpmL7BuMC3fqLA5K4Y0Hza7fgzkXtj03f3J0mpWArANwHiBIEhSmevDGk9-cI83BUXeVeAIJfcdOFHhW1f64OO2rVFLoYFNNPxkcSmBJ7dXe1Wq5APb7lV_ke8ddYFshB54_myBzLqOjffJk0RUE_XFJ0N6o2fmQR4QcbdeTyJciNdkpFKlqeA8_NeDBrHoqIyunvpgWWrqN1nyymoaDgZHQq7FNsjaiD0kR7Ay0HBH0erZuhFYP8dCIs-cWggsu84rem-X5bj8XZFGnjx5WWvKSwZMzAIVIW7JRjtXOY8JVc7TnxfijiRJbaZ4CJBJ78YEkSvwospxFs5MnSkO-2VFeHajn0RqdLk4ZcipQIC_m9D6ta-IODUjlkQ9H_cNwyXWSIjAyTyjeIjc4fkDmAsva0lR-nLCnNIUg3R_AuCjg7aB8tAeATfVfvV8XB3GQCrWDbPxpz-HdWEPRy8QCpOY4N3HLsmkQN1_2uCMucDO60HmXZw1wIauEaIk7gLGvDS4HwHSYJGHcB6CLAy5g_1wVw7lGloOKVv21ACOqBIoFZ-MX1g2V-3HWTCC1W6E_j5odPmDnnJXRUyuR-v8B25hLta7F_vqtnqSd3j1c_dWETCHhcyvePnsDvUO_pTi07zqniH9F684r45eYRdv6YIUDdJhYlZPUu7wsozn1IaoV0L8FNhO7FT8OqsovoAmNvKasMxoVj4IGeu08xVfks45lIz4DcHPYNV7T2WENk7xE2SHgMEBlFJWBbFE6K5cZi2POwYb48_rjifucOdIgIsdCoNu3vvAttKE60-6HIWbvcwZd7CzApHxnU_9QywvSK4BHnEFl82KoZ77k2g-QFQdZ8YHD2tmW-veoNPhY5WYj8tvRgcUP7vAowKz9z-yhd2881b8PvTwqkCChWziiRxjBoHKH04wfBz_NMzmo5lfxdAhzhCV_kkGKRNORg9BwXZw3eX9yh2L6cKdSmkXJLUZ8rT96bW2Pih5Y57K86SDLlfuKUiyQ6AWvpofwHgdsHg0ISqfWf_bzwFxTFDObKV75lSR_V4lsccXCcaCJciIIoV5-13kvGXTmWLSmn9AlV5fG9Q7PoRIE5i0uwgEgHEwRidHSMe1lborR66Gq_0SYp_knTe8wDedtHk8JmeH5Ytdu9RFssJrhoPBhvN7QLm1Ky2bdA-vW9Mzg8Cyt7QFZMicZHLla0q6eP2CyxFOWpsycQtRxCbVupZW5Y-j5VbONkGl54rKKQi1JTCZxwXOGSByP7xJsKMB5HGCQi0eUIqmSpgisWfu7rk_A4UgeiCRSdFVO_1v2UZQvvre-Wmjbbpb-O3Aim1wWv6TyhA703xYbRkprVCzgE7gCBt1Or9xvxr-0Et5OI3s1wKC0GpOZFXFpXBSQwsuERzmlmhb7CFaLQ22-eE1nwNupkNwx7-ECtFU8Tyef8DrJ6fH2RtW7LsebDdvWUJMXsPC0E2yehkwn9xt2-NRro8ZuIjPHJaWXn9Kii9oRdo8kdI93MHxy-aoDEZfBSkXiRNlozXMCRSE_sXRb2K-Ig-tF-irw-ffl2JtpPhq14onXB_Ag30O3kXl8ZRZf2xleARW2twmTvBP5QAddWROCXD5cdwKvrUUnYzLi2XYvtqPMslOnw1dPXRJ6E2PQhJOJeIgPlIdX3QjAugQAVg6QAP2tfNx6fGqVnPS5tReKMfRFt5OtJ8-Yes1ZgjxByOkIoNQ0uxVQJ-sp4xO9HPCW_yfCs-DzMjUdgWw3MF65xxpqgwXboMyKVEVlA9t0qG2yMm19qNXDzVUXyWu_jiuWdToii1JtVOJ4tQXhs_L6dRGpx12QNy50csWvgbDzBm9-f20i-MP8N9SGLmDYXctduzUiH7a796cSivayouy7dyJ3gI9XKU5hqoIsRG9A0SDHWy6essrQrhwbjFhLnHoyTGZk_VXmGU0v46mygFQwfkSGB-1qbYkKJE7IkImXl32WEJCJh0bTOcgRajQjiEsC7PnMed1MQ68Grx6pDTuIWuD0oSJlSn47xOQf-HYB5olHps2zH3cRkfYV5mHQUQoMxV604BqnYqDZQ-hVUsTO6NE7rYSqJ-ATlbIarOinjkouZ-QHonai8Csljjb37fmuQsOFgydPj2H4JkNx00iL6vownkEgMf03TfYdCAZXnqmPbeP6rcMcJ-XmLdv2QdOZkgTJ9h-bmfjyjajP1Gto3_uYiWkc12ggYxSEXoyHRmsFHpflQoLnd35Bztru_UOB3jk9poX6jEzp2uLezB3gOrfD6ZNqoTDM0MkTkdacMOlGpoSx1TqsCMpAkM0mckOqc7EcB8dCsLNzQ3rodgEZFxh9O0D3VU2I9I44a21bbMKx5xLb5HUk2GgXArnsAtSfB4npd065SVD8KN1ET2RdGjlw5nJqqSzAjAyGP5H9nR81Jhx2UDlIj10CFsqZzoG-0_IHJd73P45-LmRhvJ4tEMK6Lemh3dec7r1P64D6w8gRTg_hGEDUhBPCe3iklnfVTwB2gebOq1UvcJhtiQLHZ66FSLRZL93sANrOmjlrpeBAUPdD9URkQqatikdzTdUsmM2HO0UKU5cibNuLq-v3EMs21cYdWKvPQI1w2XqPHknTAJrFwlfhBf1Vof9xYQFGlulqz1cE2IFrTmyXxl2b5Lxg24ZXOI8HfiBNBQc0Dv7UoRAr_Y_R01UjpS4n6DPqU6WjfRruxt3NYrKAsCM_rgufEFaqehSAiQFIxc_3iNprsXmqQublyDYMLYR-Owfx4h87hgWodaY4FVX0Ju8mSEj9L9W3x7oCZQaRQGN59W5zy-rRW8GjeILerv2fNlyB7uUcDERD5Yt2z4a3HiqVXT-e25QWZ0oa-hJQ4&cid=CAASFeRo7kPo7aE0D_lfcYA_jpLFGq3e9A&rfl=1%2Chttps%253A%252F%252Ftoolguyd.com%252F%240
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b43f8eeaa548372e6af96d157c8eb622dfbe9fa4c9dd62ade823f64349b1ed60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24620
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2851 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DteSMfN4PPWurzaOdn91NVieaMBhaERPzh8DyHGTjb_IVfd6ZqD4_8L_1t5SUMg_jEPFEuVg0I-4Y-QhgciluOkymWjXaVVeq0BtB17zrv6333THg
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 2851 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:05:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2851 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644660751711"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Mon, 02 Aug 2021 11:06:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 2851 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:06:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ABE4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDR92zNEHYaXeONL03wOV26KoBwAAAAA4AeAEAg&bg=!PT6lPnrNAAals0SOpbM7ACkAdvg8Wm4yCb302QpaKuDo89Ju1DtfRYS394bUiQnkM2Uhh59adOheXwIAAAE0UgAAABhoAQcKAMjRPsAzTF2kIOvoPnl0dnqmBdi549YZVhY_zkZW1iRl3jQQOk0mIFIpDTwcyvtn4y1zcy0cU_1e5XP2E-a4pG6Lbi5k4HrLGaYBoU0eyKcwCVxgq0garkGkvQW6hfui9A3p16R3m3Z0qYioKog3NwMaheDMu66arZzz_pkExW4DjGVDYPznXuC6B4IRXKDW7aM4ahdEJRSrIVjy9OVZscAH96XncaLlGaiJQBQSClvHMPK4abXwbTKdBRMqIg2zAih3MATfB72oHZkCvlawa6PT-nkiu3uglkrC-mHnKVGeo4nnBsoGMEZotXr2L3VePTRLaPZ6iMJdqnAn5afOqmhte0UwbEKG5LWfOInPrIP0A5Xo39uqRUP-RvZ7y0ttpNH_S9cmfbkAaMgHapoKl7H-oX_NxtGw7oLBfk2SXyjAiDQDS4T0jm3Kc4IFn3dxtHdXSgMbtEh92rF_HbT2K6bihRu24dqbYhqE_xu5T9QJpnj2S2fqTzpH3Pm4PNt709MtvWXsCHs5Gkv_IejjAMhfcqsJNhZ-TqlBXo-Tz3Xb7qiWBT7aUeVIWk9v0k5K68uCFmNBl9C9UJMbtz2Y-YD24TpZWk_jSh5dlhkN65syTIxlKm_HhOFqcU7w_iT_9r3umuLXqX2beaKaSJKcUt5eKnBWlxop1B1LgUIiFTES_tjRTZmbNNsbNNUI_S3-o3w0CQbFOwqON9hO_nGrKR7T7l2dM4sdUCyndH3f2YTaXpPCPeU7MVTNR2ZeJIpunmgTFkpO_ukk2YDITXBmPsO4lbGkwKNEzM0_jxe7hlVXFEIPktVoCnptpEZ2NE3V6zCSSNIKxgh43Acv_G4ugZB9Wrtzp4MbWrGr3mr9iAMkiRWuQI64mRGTFesfEb6teqLEJsEpJEXz_1ocQR2nZuRELYhlzrmYoZ6YQHuObf2ZTdDKCbEmTtHcgyRMB4ZA6EeiZJg00VGvPVDuE5lBu5ncEPvIbhLwYyO4Jo2bHiY8B4k7-kJtzdzEsAng5IigVVPWmSceFqXr6ZR4bK4v8G8dqq2FTUycau7ZcAVWIFSVAHnhvfikSqluMwG3yW5WeitLTgwasE25MMUeRRutrHToD_jO0Sx0AB5N-cSzvgF3T5kA8zvQc83ITaBFNT3Ds_gpfHRei8LsWnpQCFND-MAkm6yoSahORzQrWsmjY5edo5uTUgaHkNm0kA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072701&jk=556206249233566&bg=!bG-lbyvNAAals0SOpbM7ACkAdvg8WhDxh0MqD9x2yecIwvokcCCdGVHFyHS0o-ZkEMWyNeP5T9pOWQIAAAF3UgAAABdoAQeZAoglmuMKbHILnyOOQ1fpyZLm3XLzi4qnBFEG_ovI-4wldmDprYnAOY7jnzqRzXJmwhIzOvoxpZrGrfhQwAYxsAsjbj__9ZT_Lojq65IfFH95B7KUTsUPRatTtv-lnCdUnleY3L6rvzIbx18vqpBgNXvvckjc7NCfC0rDVhjtjyPmzsQhX5RXAg0Oni4OVU2ahVksWxD813j_Tst9RFcvl1BYI50frY4ywWRyPddMPDZ9pbuNc8xXqDcrgUp7HCgDbFwrCiLNUZipGqnBFc2KwaUkWFN30CDXNiwSoqw9gUQ8FuZ5GMHwEs24blksEBBDo2DPUTPNB88at5kKmI2rRTJlVCfzZIpvdkMA19DNsjN713G8-lFjwsVCB7Oh4cIw4fx6fDtZKPfb-YoZ-QFcpl90ij6FljCmJcwwvhUFiLoTpwUDdfXXqB7B34twsG2PH9STn4V1GoZCFxQ8CjKXbOXa3kZODKV7a14DZygyF4-ZabXMTrfoUKSEh9mqmibARiVhxkqgNFQhbCPWw-gy4a5t-MfaRf9c-IM9BwqGM_pPZgJVYsNqC6pvy3A_EYOcmMy54_J6Lulqf7m-JMPNdfCyoP0fxd7LZORyteMkNWIMqB2TXYjzZdLkimUF-pNUM31pjsUvOllrxqyalACxHlPDNKrF5-IgiVitgG73GR6DpyZnuklPOGYeIalKEFGUyMhS2wgK5UdZ4p1D8F3nRs7niTf539-xF7t_i_hgAJ1Us1Cq4apl6tQ2KyrQmyZgl1YyOceMxkja7SD2Bp_l1hHxdztvk-WaU4mgaSv5JqekeLrzP4MS6WuSaPWQwRgoI6ldIHM4KjI2U5vkU9LJ-zWtoQSgEcad_14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toolguyd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCFE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGL2r9ZQBMAE&v=APEucNXLBhJn4kmetSfLTi5OlqrRBObW0Kyf29FLiRiSrzGhaXxrd8oU-3Gia1k6vX3GAtvz7bS339w5pvxrIWl5ZZb8Al7fqA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CCFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGL2r9ZQBMAE&v=APEucNXLBhJn4kmetSfLTi5OlqrRBObW0Kyf29FLiRiSrzGhaXxrd8oU-3Gia1k6vX3GAtvz7bS339w5pvxrIWl5ZZb8Al7fqA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 11:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 11:06:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CCFE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfRzZOygNMNWJ0wrMTragAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGL2r9ZQBMAE&v=APEucNXLBhJn4kmetSfLTi5OlqrRBObW0Kyf29FLiRiSrzGhaXxrd8oU-3Gia1k6vX3GAtvz7bS339w5pvxrIWl5ZZb8Al7fqA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 11:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 11:06:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTRL9HvdTD5-aDnAduhhlA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 2851 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 10:46:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 2851 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb49SgCIFGVW_7A4z8laXOPxJLiutDKYXtIjX0jxyRLmYpjnfTwFQUxnhkmDPb4thvAelfFH2mg1UvwogCInV47QspmdEKk15ncPcS5SKIATkciWeejmdqIACxN75fKlwZhsaC9uY2gtg0EPwA1CuhhlzyMg&dbm_d=AKAmf-ACLXr4XUbBVRT-uZr3udU4WCyx7HXmZR-9vfoof87IGECmASiVzgqodMFPLVkY5FvsYZVp7yCGoeUPvgMFj9gEMB2o89JnvpQ2V3BGPDD3zZB8aDw5jtC6iN7wjGPEP4wAFEqP0xrd_h0SjmLQCthCDkq5CDSSMCqW7Wbh6jEpPo185nIY1zxKWUJcGXK0KZXpmL7BuMC3fqLA5K4Y0Hza7fgzkXtj03f3J0mpWArANwHiBIEhSmevDGk9-cI83BUXeVeAIJfcdOFHhW1f64OO2rVFLoYFNNPxkcSmBJ7dXe1Wq5APb7lV_ke8ddYFshB54_myBzLqOjffJk0RUE_XFJ0N6o2fmQR4QcbdeTyJciNdkpFKlqeA8_NeDBrHoqIyunvpgWWrqN1nyymoaDgZHQq7FNsjaiD0kR7Ay0HBH0erZuhFYP8dCIs-cWggsu84rem-X5bj8XZFGnjx5WWvKSwZMzAIVIW7JRjtXOY8JVc7TnxfijiRJbaZ4CJBJ78YEkSvwospxFs5MnSkO-2VFeHajn0RqdLk4ZcipQIC_m9D6ta-IODUjlkQ9H_cNwyXWSIjAyTyjeIjc4fkDmAsva0lR-nLCnNIUg3R_AuCjg7aB8tAeATfVfvV8XB3GQCrWDbPxpz-HdWEPRy8QCpOY4N3HLsmkQN1_2uCMucDO60HmXZw1wIauEaIk7gLGvDS4HwHSYJGHcB6CLAy5g_1wVw7lGloOKVv21ACOqBIoFZ-MX1g2V-3HWTCC1W6E_j5odPmDnnJXRUyuR-v8B25hLta7F_vqtnqSd3j1c_dWETCHhcyvePnsDvUO_pTi07zqniH9F684r45eYRdv6YIUDdJhYlZPUu7wsozn1IaoV0L8FNhO7FT8OqsovoAmNvKasMxoVj4IGeu08xVfks45lIz4DcHPYNV7T2WENk7xE2SHgMEBlFJWBbFE6K5cZi2POwYb48_rjifucOdIgIsdCoNu3vvAttKE60-6HIWbvcwZd7CzApHxnU_9QywvSK4BHnEFl82KoZ77k2g-QFQdZ8YHD2tmW-veoNPhY5WYj8tvRgcUP7vAowKz9z-yhd2881b8PvTwqkCChWziiRxjBoHKH04wfBz_NMzmo5lfxdAhzhCV_kkGKRNORg9BwXZw3eX9yh2L6cKdSmkXJLUZ8rT96bW2Pih5Y57K86SDLlfuKUiyQ6AWvpofwHgdsHg0ISqfWf_bzwFxTFDObKV75lSR_V4lsccXCcaCJciIIoV5-13kvGXTmWLSmn9AlV5fG9Q7PoRIE5i0uwgEgHEwRidHSMe1lborR66Gq_0SYp_knTe8wDedtHk8JmeH5Ytdu9RFssJrhoPBhvN7QLm1Ky2bdA-vW9Mzg8Cyt7QFZMicZHLla0q6eP2CyxFOWpsycQtRxCbVupZW5Y-j5VbONkGl54rKKQi1JTCZxwXOGSByP7xJsKMB5HGCQi0eUIqmSpgisWfu7rk_A4UgeiCRSdFVO_1v2UZQvvre-Wmjbbpb-O3Aim1wWv6TyhA703xYbRkprVCzgE7gCBt1Or9xvxr-0Et5OI3s1wKC0GpOZFXFpXBSQwsuERzmlmhb7CFaLQ22-eE1nwNupkNwx7-ECtFU8Tyef8DrJ6fH2RtW7LsebDdvWUJMXsPC0E2yehkwn9xt2-NRro8ZuIjPHJaWXn9Kii9oRdo8kdI93MHxy-aoDEZfBSkXiRNlozXMCRSE_sXRb2K-Ig-tF-irw-ffl2JtpPhq14onXB_Ag30O3kXl8ZRZf2xleARW2twmTvBP5QAddWROCXD5cdwKvrUUnYzLi2XYvtqPMslOnw1dPXRJ6E2PQhJOJeIgPlIdX3QjAugQAVg6QAP2tfNx6fGqVnPS5tReKMfRFt5OtJ8-Yes1ZgjxByOkIoNQ0uxVQJ-sp4xO9HPCW_yfCs-DzMjUdgWw3MF65xxpqgwXboMyKVEVlA9t0qG2yMm19qNXDzVUXyWu_jiuWdToii1JtVOJ4tQXhs_L6dRGpx12QNy50csWvgbDzBm9-f20i-MP8N9SGLmDYXctduzUiH7a796cSivayouy7dyJ3gI9XKU5hqoIsRG9A0SDHWy6essrQrhwbjFhLnHoyTGZk_VXmGU0v46mygFQwfkSGB-1qbYkKJE7IkImXl32WEJCJh0bTOcgRajQjiEsC7PnMed1MQ68Grx6pDTuIWuD0oSJlSn47xOQf-HYB5olHps2zH3cRkfYV5mHQUQoMxV604BqnYqDZQ-hVUsTO6NE7rYSqJ-ATlbIarOinjkouZ-QHonai8Csljjb37fmuQsOFgydPj2H4JkNx00iL6vownkEgMf03TfYdCAZXnqmPbeP6rcMcJ-XmLdv2QdOZkgTJ9h-bmfjyjajP1Gto3_uYiWkc12ggYxSEXoyHRmsFHpflQoLnd35Bztru_UOB3jk9poX6jEzp2uLezB3gOrfD6ZNqoTDM0MkTkdacMOlGpoSx1TqsCMpAkM0mckOqc7EcB8dCsLNzQ3rodgEZFxh9O0D3VU2I9I44a21bbMKx5xLb5HUk2GgXArnsAtSfB4npd065SVD8KN1ET2RdGjlw5nJqqSzAjAyGP5H9nR81Jhx2UDlIj10CFsqZzoG-0_IHJd73P45-LmRhvJ4tEMK6Lemh3dec7r1P64D6w8gRTg_hGEDUhBPCe3iklnfVTwB2gebOq1UvcJhtiQLHZ66FSLRZL93sANrOmjlrpeBAUPdD9URkQqatikdzTdUsmM2HO0UKU5cibNuLq-v3EMs21cYdWKvPQI1w2XqPHknTAJrFwlfhBf1Vof9xYQFGlulqz1cE2IFrTmyXxl2b5Lxg24ZXOI8HfiBNBQc0Dv7UoRAr_Y_R01UjpS4n6DPqU6WjfRruxt3NYrKAsCM_rgufEFaqehSAiQFIxc_3iNprsXmqQublyDYMLYR-Owfx4h87hgWodaY4FVX0Ju8mSEj9L9W3x7oCZQaRQGN59W5zy-rRW8GjeILerv2fNlyB7uUcDERD5Yt2z4a3HiqVXT-e25QWZ0oa-hJQ4&cid=CAASFeRo7kPo7aE0D_lfcYA_jpLFGq3e9A&rfl=1%2Chttps%253A%252F%252Ftoolguyd.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:01:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 2851 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb49SgCIFGVW_7A4z8laXOPxJLiutDKYXtIjX0jxyRLmYpjnfTwFQUxnhkmDPb4thvAelfFH2mg1UvwogCInV47QspmdEKk15ncPcS5SKIATkciWeejmdqIACxN75fKlwZhsaC9uY2gtg0EPwA1CuhhlzyMg&dbm_d=AKAmf-ACLXr4XUbBVRT-uZr3udU4WCyx7HXmZR-9vfoof87IGECmASiVzgqodMFPLVkY5FvsYZVp7yCGoeUPvgMFj9gEMB2o89JnvpQ2V3BGPDD3zZB8aDw5jtC6iN7wjGPEP4wAFEqP0xrd_h0SjmLQCthCDkq5CDSSMCqW7Wbh6jEpPo185nIY1zxKWUJcGXK0KZXpmL7BuMC3fqLA5K4Y0Hza7fgzkXtj03f3J0mpWArANwHiBIEhSmevDGk9-cI83BUXeVeAIJfcdOFHhW1f64OO2rVFLoYFNNPxkcSmBJ7dXe1Wq5APb7lV_ke8ddYFshB54_myBzLqOjffJk0RUE_XFJ0N6o2fmQR4QcbdeTyJciNdkpFKlqeA8_NeDBrHoqIyunvpgWWrqN1nyymoaDgZHQq7FNsjaiD0kR7Ay0HBH0erZuhFYP8dCIs-cWggsu84rem-X5bj8XZFGnjx5WWvKSwZMzAIVIW7JRjtXOY8JVc7TnxfijiRJbaZ4CJBJ78YEkSvwospxFs5MnSkO-2VFeHajn0RqdLk4ZcipQIC_m9D6ta-IODUjlkQ9H_cNwyXWSIjAyTyjeIjc4fkDmAsva0lR-nLCnNIUg3R_AuCjg7aB8tAeATfVfvV8XB3GQCrWDbPxpz-HdWEPRy8QCpOY4N3HLsmkQN1_2uCMucDO60HmXZw1wIauEaIk7gLGvDS4HwHSYJGHcB6CLAy5g_1wVw7lGloOKVv21ACOqBIoFZ-MX1g2V-3HWTCC1W6E_j5odPmDnnJXRUyuR-v8B25hLta7F_vqtnqSd3j1c_dWETCHhcyvePnsDvUO_pTi07zqniH9F684r45eYRdv6YIUDdJhYlZPUu7wsozn1IaoV0L8FNhO7FT8OqsovoAmNvKasMxoVj4IGeu08xVfks45lIz4DcHPYNV7T2WENk7xE2SHgMEBlFJWBbFE6K5cZi2POwYb48_rjifucOdIgIsdCoNu3vvAttKE60-6HIWbvcwZd7CzApHxnU_9QywvSK4BHnEFl82KoZ77k2g-QFQdZ8YHD2tmW-veoNPhY5WYj8tvRgcUP7vAowKz9z-yhd2881b8PvTwqkCChWziiRxjBoHKH04wfBz_NMzmo5lfxdAhzhCV_kkGKRNORg9BwXZw3eX9yh2L6cKdSmkXJLUZ8rT96bW2Pih5Y57K86SDLlfuKUiyQ6AWvpofwHgdsHg0ISqfWf_bzwFxTFDObKV75lSR_V4lsccXCcaCJciIIoV5-13kvGXTmWLSmn9AlV5fG9Q7PoRIE5i0uwgEgHEwRidHSMe1lborR66Gq_0SYp_knTe8wDedtHk8JmeH5Ytdu9RFssJrhoPBhvN7QLm1Ky2bdA-vW9Mzg8Cyt7QFZMicZHLla0q6eP2CyxFOWpsycQtRxCbVupZW5Y-j5VbONkGl54rKKQi1JTCZxwXOGSByP7xJsKMB5HGCQi0eUIqmSpgisWfu7rk_A4UgeiCRSdFVO_1v2UZQvvre-Wmjbbpb-O3Aim1wWv6TyhA703xYbRkprVCzgE7gCBt1Or9xvxr-0Et5OI3s1wKC0GpOZFXFpXBSQwsuERzmlmhb7CFaLQ22-eE1nwNupkNwx7-ECtFU8Tyef8DrJ6fH2RtW7LsebDdvWUJMXsPC0E2yehkwn9xt2-NRro8ZuIjPHJaWXn9Kii9oRdo8kdI93MHxy-aoDEZfBSkXiRNlozXMCRSE_sXRb2K-Ig-tF-irw-ffl2JtpPhq14onXB_Ag30O3kXl8ZRZf2xleARW2twmTvBP5QAddWROCXD5cdwKvrUUnYzLi2XYvtqPMslOnw1dPXRJ6E2PQhJOJeIgPlIdX3QjAugQAVg6QAP2tfNx6fGqVnPS5tReKMfRFt5OtJ8-Yes1ZgjxByOkIoNQ0uxVQJ-sp4xO9HPCW_yfCs-DzMjUdgWw3MF65xxpqgwXboMyKVEVlA9t0qG2yMm19qNXDzVUXyWu_jiuWdToii1JtVOJ4tQXhs_L6dRGpx12QNy50csWvgbDzBm9-f20i-MP8N9SGLmDYXctduzUiH7a796cSivayouy7dyJ3gI9XKU5hqoIsRG9A0SDHWy6essrQrhwbjFhLnHoyTGZk_VXmGU0v46mygFQwfkSGB-1qbYkKJE7IkImXl32WEJCJh0bTOcgRajQjiEsC7PnMed1MQ68Grx6pDTuIWuD0oSJlSn47xOQf-HYB5olHps2zH3cRkfYV5mHQUQoMxV604BqnYqDZQ-hVUsTO6NE7rYSqJ-ATlbIarOinjkouZ-QHonai8Csljjb37fmuQsOFgydPj2H4JkNx00iL6vownkEgMf03TfYdCAZXnqmPbeP6rcMcJ-XmLdv2QdOZkgTJ9h-bmfjyjajP1Gto3_uYiWkc12ggYxSEXoyHRmsFHpflQoLnd35Bztru_UOB3jk9poX6jEzp2uLezB3gOrfD6ZNqoTDM0MkTkdacMOlGpoSx1TqsCMpAkM0mckOqc7EcB8dCsLNzQ3rodgEZFxh9O0D3VU2I9I44a21bbMKx5xLb5HUk2GgXArnsAtSfB4npd065SVD8KN1ET2RdGjlw5nJqqSzAjAyGP5H9nR81Jhx2UDlIj10CFsqZzoG-0_IHJd73P45-LmRhvJ4tEMK6Lemh3dec7r1P64D6w8gRTg_hGEDUhBPCe3iklnfVTwB2gebOq1UvcJhtiQLHZ66FSLRZL93sANrOmjlrpeBAUPdD9URkQqatikdzTdUsmM2HO0UKU5cibNuLq-v3EMs21cYdWKvPQI1w2XqPHknTAJrFwlfhBf1Vof9xYQFGlulqz1cE2IFrTmyXxl2b5Lxg24ZXOI8HfiBNBQc0Dv7UoRAr_Y_R01UjpS4n6DPqU6WjfRruxt3NYrKAsCM_rgufEFaqehSAiQFIxc_3iNprsXmqQublyDYMLYR-Owfx4h87hgWodaY4FVX0Ju8mSEj9L9W3x7oCZQaRQGN59W5zy-rRW8GjeILerv2fNlyB7uUcDERD5Yt2z4a3HiqVXT-e25QWZ0oa-hJQ4&cid=CAASFeRo7kPo7aE0D_lfcYA_jpLFGq3e9A&rfl=1%2Chttps%253A%252F%252Ftoolguyd.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9340
x-xss-protection
0
server
cafe
etag
14963318235020188028
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:04:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2851 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
URL: https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
truncated
/ Frame 2851 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de0595d0f4eea5b2dcaafe50f68da3cca1a6bbc59d350ef015b17023b196a712

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3E44 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		128 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308150708/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a97f6490db1effdb5701403eb26b870ba832015c7e7d5470605e892b438b158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9506911/1604308150708/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
23259
date
Mon, 02 Aug 2021 08:01:29 GMT
expires
Tue, 03 Aug 2021 08:01:29 GMT
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
11124
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2851 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTZz6u9xOTXYEU4vHMcUOgg8cdLzkBBvoJ2I4lXhQrajBih6cLcMUvY5lvd5vKbBIWuuoib0ic5ry2WILHIJ-NQhu5C_m7kCKhb6PoXCA-Rq4aIdLYESyw43HCj9coaRjTpW-p9puRFEcFNfjurp1FR-SKKbZyY3KvawkTi0Az1ublq9Fm6-AbIBdyrowRiQsNqAq-dF_eKvBB5vk-b7axBk7MMA1BDe2SgIoK0kRpcpuYZEPrg8exJZUXk4A0hQKeVWNJ-urnBgV5GEZ9i_kSVKDCyJSLlJ4VVG09CiwMdi_5e7jtV-LKpjq0HSnq6uzPw442XsiPtTTLNNn_98M_Jbh8bOlqSLRY8vTOzFNW-qr8dOV3GVvrcthOeIhNx3Khm0OX_qaM4TKiVas-RNuNF7V_XBzZzbxXAj1tdlBEFW_2wLPxrjqN9GLq7lhbpQeYXDckpgSYf5jSnXKfipU2MjfIeVDqZb-dg2XZItSsZK9RQW-r4D2g525Kp-8UTvMR8gCIzc3U2m_aq1hIrFruJ-A2-z9uBLLxyQFyyc7xJKkZoyGcuvjg9H7HVRJ7Rhx8pZqxkrn42AflSJGZMGyHXt5MsF-TwgGcLCJc-Uh-daQxE6IvUPT3-k9nFp9AmCFmp2wyUH_-ikv5Xu6TPGuP6kXVteccDJnpzq9ySPTDguVXjBBxTbAl1CeK6dp8QV3JMeEJb88tHyDLXRT4HoMHC-ky_mtZD1VgpS80KQ4yq-0gfAfe0L9OKoePfEg8jmTXzAKzpso-3szmUACe5ern6yrr70n35B8P9Vsn78l9Obm7kLoDlx3wUaKjkL4LzCVK-U3Fsu0p7O7RN6N8M2v3iNnGM3rQG4ziE3eds3GmZU8tdSHxYhZP_moUyMjmL0kiOap85jCngrYyHEvkE_DE4VZzK0wgZxsHTLrvKFZDs8r6i6wo9L0kF_XcioTFkXfi6322_BAAJguE-eGMFPXubb3rwb8wLlxUzeN0WE1j5ythBaZ3cIJdPwIUYAUQaLm_sRt2tfUa_2U9XxOj_L8i6xh96UExc2yvqs0bisZ4oAmUnoeeTDggT7Pfu6OBGrzbNpq10yhOustSYwByqsYidLWwPgfug-TQ-wjANMP29ievlgh-TfurCqZu&sai=AMfl-YTqT2UEg8tLgeiL7GipOp3rxzFSgW5ugIdSbnTS7go4pRvKDHz4GknrLFy4t__C1BkaxXaTG0kj9qFMh7DuisnuPpAUHfLNkPypwkGVu1Jx8SxvgpGGEIiTO3isD1xrO5D88_k6AvSZeeKcUm47DV3UZ65cpVZZxrFuF8w&sig=Cg0ArKJSzE9H_5wKlU6vEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&cbvp=1&cstd=84&cisv=r20210728.06762&adurl=
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 02 Aug 2021 11:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 3E44 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
174343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 8037 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308150708/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 12:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Aug 2021 12:29:18 GMT
CoopCondBd.woff
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308150708/CoopCondBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308150708/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 05:43:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:11 GMT
server
sffe
age
19425
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29944
x-xss-protection
0
expires
Tue, 03 Aug 2021 05:43:08 GMT
CoopBd.woff
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308150708/CoopBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308150708/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:59:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
server
sffe
age
14821
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32612
x-xss-protection
0
expires
Tue, 03 Aug 2021 06:59:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2851 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTZz6u9xOTXYEU4vHMcUOgg8cdLzkBBvoJ2I4lXhQrajBih6cLcMUvY5lvd5vKbBIWuuoib0ic5ry2WILHIJ-NQhu5C_m7kCKhb6PoXCA-Rq4aIdLYESyw43HCj9coaRjTpW-p9puRFEcFNfjurp1FR-SKKbZyY3KvawkTi0Az1ublq9Fm6-AbIBdyrowRiQsNqAq-dF_eKvBB5vk-b7axBk7MMA1BDe2SgIoK0kRpcpuYZEPrg8exJZUXk4A0hQKeVWNJ-urnBgV5GEZ9i_kSVKDCyJSLlJ4VVG09CiwMdi_5e7jtV-LKpjq0HSnq6uzPw442XsiPtTTLNNn_98M_Jbh8bOlqSLRY8vTOzFNW-qr8dOV3GVvrcthOeIhNx3Khm0OX_qaM4TKiVas-RNuNF7V_XBzZzbxXAj1tdlBEFW_2wLPxrjqN9GLq7lhbpQeYXDckpgSYf5jSnXKfipU2MjfIeVDqZb-dg2XZItSsZK9RQW-r4D2g525Kp-8UTvMR8gCIzc3U2m_aq1hIrFruJ-A2-z9uBLLxyQFyyc7xJKkZoyGcuvjg9H7HVRJ7Rhx8pZqxkrn42AflSJGZMGyHXt5MsF-TwgGcLCJc-Uh-daQxE6IvUPT3-k9nFp9AmCFmp2wyUH_-ikv5Xu6TPGuP6kXVteccDJnpzq9ySPTDguVXjBBxTbAl1CeK6dp8QV3JMeEJb88tHyDLXRT4HoMHC-ky_mtZD1VgpS80KQ4yq-0gfAfe0L9OKoePfEg8jmTXzAKzpso-3szmUACe5ern6yrr70n35B8P9Vsn78l9Obm7kLoDlx3wUaKjkL4LzCVK-U3Fsu0p7O7RN6N8M2v3iNnGM3rQG4ziE3eds3GmZU8tdSHxYhZP_moUyMjmL0kiOap85jCngrYyHEvkE_DE4VZzK0wgZxsHTLrvKFZDs8r6i6wo9L0kF_XcioTFkXfi6322_BAAJguE-eGMFPXubb3rwb8wLlxUzeN0WE1j5ythBaZ3cIJdPwIUYAUQaLm_sRt2tfUa_2U9XxOj_L8i6xh96UExc2yvqs0bisZ4oAmUnoeeTDggT7Pfu6OBGrzbNpq10yhOustSYwByqsYidLWwPgfug-TQ-wjANMP29ievlgh-TfurCqZu&sai=AMfl-YTqT2UEg8tLgeiL7GipOp3rxzFSgW5ugIdSbnTS7go4pRvKDHz4GknrLFy4t__C1BkaxXaTG0kj9qFMh7DuisnuPpAUHfLNkPypwkGVu1Jx8SxvgpGGEIiTO3isD1xrO5D88_k6AvSZeeKcUm47DV3UZ65cpVZZxrFuF8w&sig=Cg0ArKJSzE9H_5wKlU6vEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=203&vt=11&dtpt=117&dett=3&cstd=84&cisv=r20210728.06762&adurl=
Requested by
Host: toolguyd.com
URL: https://toolguyd.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 11:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
coop.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/coop.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 12:56:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
server
sffe
age
79807
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7509
x-xss-protection
0
expires
Mon, 02 Aug 2021 12:56:46 GMT
Coop-Icon.png
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/Coop-Icon.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:59:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
server
sffe
age
14821
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3753
x-xss-protection
0
expires
Tue, 03 Aug 2021 06:59:52 GMT
Theke-frisch-300.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/Theke-frisch-300.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16567a7c25c8f64c0861b7eae3892722920bd09e5a77dd293799eb034194b551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 05:43:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:11 GMT
server
sffe
age
19425
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17005
x-xss-protection
0
expires
Tue, 03 Aug 2021 05:43:08 GMT
tete-300.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/tete-300.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4d27239f61f3f12e511f7774931c0d59c456971f9f6ef1d7a13a2408420d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:16:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:11 GMT
server
sffe
age
17405
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24916
x-xss-protection
0
expires
Tue, 03 Aug 2021 06:16:48 GMT
aufschnitt-300.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/aufschnitt-300.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6de2bd9b5cb6e9ebfbf874940becb16016151d713ee19049eab99dfe0965ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:59:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
server
sffe
age
14821
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15912
x-xss-protection
0
expires
Tue, 03 Aug 2021 06:59:52 GMT
brot-300.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/brot-300.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30302ebb7094c997809ca671e593375ba4e34efe494a86bc3003692ddd27099e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 11:06:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:11 GMT
server
sffe
age
28
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17048
x-xss-protection
0
expires
Tue, 03 Aug 2021 11:06:25 GMT
lachs-300.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/lachs-300.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
764a170851cb6e2d00a02685b39a0c28a3378a19c82a568c4cfbc5df52af8031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 08:11:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
server
sffe
age
10508
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21126
x-xss-protection
0
expires
Tue, 03 Aug 2021 08:11:45 GMT
Ka_se-300.jpg
s0.2mdn.net/9506911/1604308150708/ Frame 8037 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308150708/Ka_se-300.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81404aacb0d84988d864c671b075ca74f1baa4cebbb9f2b4c646233117d2d73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308150708/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:59:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:09:10 GMT
server
sffe
age
14821
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19900
x-xss-protection
0
expires
Tue, 03 Aug 2021 06:59:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E44 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhQWDzdEHYYm0KJH03wPC7JDoCQAAAAA4AeAEAg&bg=!SkmlSQ3NAAals0SOpbM7ACkAdvg8WupL4XCQA4Vy1nU0q6oRJjAKRnxaGzwakrF9FXCoLbYAZYR9kgIAAACyUgAAAAxoAQcKAF_aRjKq7CZ8I1ADxe0UV-SBwUrpd9Rm2bc_7FsYGHRIK2Y8pAUItCbxodMs2-KagARAn0WckYFHqZC1JfHj0wlSxXJYkXXi_N1VGMMCfUE3KYiOOFY_VUWu1vytTKtPn5kC1qLMj5Bjj-GGUFoN79OFzb4hpsOrExYhUENlLPWZCJkMq_i4hQam7mM5vNA7ptMDyII-sPF4YiYYlaRrqrWxd54j5rBCT6XA_7SDiPOVgJCo3H0HxQiRmjCEURXS5HdsTW8qqjUesSzA9_PcROHy80D6_jtEtg422A-bQ3iuzBT7aTul5ggVHBwvMptuHa7Dq5wyVWEX6XLw5BNSjGiE7wp5IeGyUCWSsxmpRyETgWYxVLlX9HadDIWG9NhU23lb8OBD5kermRIworrSYK4G1JZ7PHIFQz3DZ_FbpeqBBJpdn3zx9LQSPeRockxfTlm_2YgVwic39DPTn_seJVXe7-bi_4mJi8oKQpmrXvksm8nSU-ac2TzggMaRiM6Y99SUWmw0OXCfvZmUnrraUKtwVsa7DvfRheJiCqH-DB2BdTCBmye-Nu7Bj6bxV_X4Le-Og36xQCD2Fd4eKxZKU5VC9NZMFw-GfdWhI9Uig-PbBvzXFVs1BfUTd4u6-4LoqxNSrQFcppYQ_1ltXaKGKqWZsbbUbzXK08MsVWWoLjJ_5HPtQzlwIZFjVA6sQPaXmhZ82PZ1C6Cfr9tznOCRNGR1mRZPaZdGtG9k8EQ6o9luMemd1xfDEYyxpaiiyar7saNewrnVxKEcTAe3I4y5PAfBvyjQV4JhJzN-x6pJorlX3V75AZL-p_ODvQN0VVLbju6vr3zoli6Iy10TnTbaDY3TKwyjkz3a3RDr4-nz4DDJwboR67IAbYptefubIpqywYJo3TesIISdmapJhbEyuBpbh4E0k_H0U8t6YEsmjdBIL125lgVizG1PuFqttUdXTHfNojvdCaQXzeomaw5qcdb5JAV5iHEhiuuLPcsF_fFNRwpzkBLvkiEP4r4RVp1h5ItNh4z19800BFhZLNttvoxPhi-tfVWUXf_zy8aRBJEE1yzJFmOnatNFEoHanUIDAQyT9m57CzXpkA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5685 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzXLFFpC9NphhpCO_CHt_8X5FLQN352IWZFDEsVeWKvTO6DAF_ZZFqzPSn0llZpFZlxHQNA3gnqekjOcMQrmO487xPCvZAbsvtZ9rBsbu3D4DO8KFK1hLBP9U&sai=AMfl-YSD0KZ1u57V_Uz2bEtl9JJLiTDvamUMbJKRI2-RG3dFECjWEzB6eHfauCnHGzW7aIwuJGY3GEU3IuwR9UdrdkYgHKmL_TwbZ_Z1eqku6QHho0WRSMmgpNUE6F0uTv0&sig=Cg0ArKJSzM9PI4hn3fBDEAE&cid=CAASFeRooaVy8i-Pk-UxWE-f8Xb08fbybg&id=lidar2&mcvt=1001&p=212,985,462,1285&asp=212,985,462,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3077009389&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627902412863&dlt=27&rpt=199&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2851 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHkdDHBLDzFssuGgcz0ge6yqae6oiMxyygNtenS9OSYhNnwstzF8PFUZnCWBaKlLSaymzZ7Vl1IvU1UrB9o-RNxOwAnwLOBUd2jOmVjxyHq4utgIn0h9NyYXQ&sai=AMfl-YRbCXxiVL1B9x8TwJnMxM3srdCdst1taAxiYapDvQkmisr5GQNkKn_rs-mdr3_Z6l8BdzT3NF1mQM7DEObJdhlOlRgkCom8vz6B4GW0ahKveHKkWV_OYbTaJZBoaNM&sig=Cg0ArKJSzEiJhzKf1144EAE&cid=CAASFeRo7kPo7aE0D_lfcYA_jpLFGq3e9A&id=lidar2&mcvt=1001&p=796,985,1046,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1788092353&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627902413589&dlt=29&rpt=2&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIpfS0iJmS8gIVUvp3Ch2VrQh1EAAYACCKlvJJQhMIt_P7h5mS8gIVVIp3Ch3UcQvJ;met=1;&timestamp=1627902423424;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5685 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpfS0iJmS8gIVUvp3Ch2VrQh1EAAYACCKlvJJQhMIt_P7h5mS8gIVVIp3Ch3UcQvJ;met=1;&timestamp=1627902423424;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:07:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyc7hiJmS8gIVEfp3Ch1CNgSdEAAYACDy2_1CQhMIoKStiJmS8gIVa4WDBx32Swco;met=1;&timestamp=1627902423906;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2851 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyc7hiJmS8gIVEfp3Ch1CNgSdEAAYACDy2_1CQhMIoKStiJmS8gIVa4WDBx32Swco;met=1;&timestamp=1627902423906;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 11:07:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| googletag object| gptAdSlots object| jetpackLazyImagesL10n object| _stq function| st_go function| linktracker_init object| wpcom object| wp object| google_tag_manager object| twemoji object| ggeac object| google_js_reporting_queue object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

4 Cookies

Domain/Path Name / Value
.toolguyd.com/ Name: _ga_BE9QF1X3MS
Value: GS1.1.1627902411.1.0.1627902411.0
.toolguyd.com/ Name: _ga
Value: GA1.1.1054521717.1627902412
.toolguyd.com/ Name: _gat_gtag_UA_3908677_2
Value: 1
.toolguyd.com/ Name: _gid
Value: GA1.2.373110569.1627902412

1 Console Messages

Source Level URL
Text
console-api log URL: https://toolguyd.com/blog/wp-content/cache/autoptimize/js/autoptimize_a6b2d763a2033e8da92c1649d0796860.js(Line 3)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59136419eb6a9d626009c365cf61d3b6.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
pagead2.googlesyndication.com
pixel.wp.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.wp.com
toolguyd.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.184.226
142.250.185.226
172.217.16.130
192.0.76.3
192.0.77.2
2.18.234.21
216.58.212.162
2606:4700:3036::ac43:91c9
2a00:1450:4001:800::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
07a09997b2b7c26efd6d1a3590951346d235408392b1a885f3c8412befa24484
07df2ad4f23c772a644f2be070d6a0467c1ba95bb3b26734074a04c3a75a8b37
0aba85cdb04bbf2be8769a01417e9f11915c1ec205e6cfc4d1f9db338756e5d7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
119c4fa0c29b6ec11ef4449b93e690989ad5dc52db4ff1ca13976319b4fa4198
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
16567a7c25c8f64c0861b7eae3892722920bd09e5a77dd293799eb034194b551
18c8350fc3d0c611323c0ef4e6152c171b7abbd8f7ed5d548aa58ef7540fe2b4
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1a97f6490db1effdb5701403eb26b870ba832015c7e7d5470605e892b438b158
2176798d89c5f39fc15b3fd857a4441dc0f4db1ce44206e7cafdb935235f89bb
286640d601ccb869f0e04bac7ae081752f48341a43b8b8dcd2efd4e977bc377f
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
300f0a0c303c7c8cf3d661c432c2a2591415f2f647a488339087af16c90cd705
30302ebb7094c997809ca671e593375ba4e34efe494a86bc3003692ddd27099e
33f8c554f38ee83780ec65cf06a15f7bad8f9c81c1c52ae0ab34b576f25596b0
34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e
3ec2161918df41f1365e2ad9a9cb2d1c199defae5b7dbd93e14dc293872a4cc3
4d8e1e9612c412c2ed9d439cfbf8f24742c4037e2cf2d4d20bf6895bf8f77444
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54197fb4d107c2359625a8db4a7a0d2c63b4e5868380ee346d87d9b1928285cb
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7220280c3d869c189c717a63b86f6225498eede86846871fea2d4cd0d976d629
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
75649a4d283510ac94c606b4caff999bf702a30c6eed611db9480bfdac9dd95b
764a170851cb6e2d00a02685b39a0c28a3378a19c82a568c4cfbc5df52af8031
781b52eda5cf7cc4646ec99b5b7808a7079421723f319fc6be8527c4bb8a1639
81404aacb0d84988d864c671b075ca74f1baa4cebbb9f2b4c646233117d2d73e
8990f0f6372d8de7aa0deffd631bdcf6160186b208eb0f16f0a0aba25bfd7c5d
89f695af44ee1895cbeb94a67688064ba35d17a1988a5184eed30960fa27ba36
8a8fe173fede199cae412dd645a674cd9ede4754d4d2e5f44fbc5210aaba9769
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
95d9e74033b110e9a96e5c65e88823ed0e5ba671f33c447ad9f0eb09c5b6312a
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9932b507c87692d1dc97ddeb4107ae64f4492ab322178b7dd41469736428f159
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9df8ef4e7728bcafa4ef67961cb55c067996dd9c721da26ec63e3cba975d2b94
9ff26d71f4535c44b64217a099b4c4d8c0a6300638e09a835479399e59e3c97e
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa4d27239f61f3f12e511f7774931c0d59c456971f9f6ef1d7a13a2408420d37
aea02d6860d38be238b71c164a9f22bba9f6feebc3df28bb7a29a66988bd19b8
aff86ff3c89779360b9a7bebd8b1192089c68e7c94a1006f1b2b1083ed24da83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c3a15bf90932a6f73f2f1b5f6fc2a68a5c20a72d3fc8957993b8c2e97a2454
b43f8eeaa548372e6af96d157c8eb622dfbe9fa4c9dd62ade823f64349b1ed60
b6314cf1ec6c89f6d865583bfba53446f0d9d5bac48875ed065d8beeddbfa9c5
b6a8440388caec930724077d7c51afb85a7fe7919accd2262a8d47c2070fe19e
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cef58fc6bec3a346e6d370b60384fd876a5a4380b5a8d05ed3a9b40726ce47aa
d2cf387d90a03ec4489ef2a9db4dbe81054413dd28b2cacb23c8705d49d2133a
d44861583f107b3cbf608a4d89c111570ac1a1dee71c3afb80ada0adee6592ad
d669848f9f0c0cbcc426aa4e3ffb853aa1388e1775aab0604d1a115749c10e75
da3f2897ed228fd79113094730d29a4d341d9c3596d33a4c23fc5bf0cec936a3
dd361a3bc8dc3ab4eb4aec799bcbef83f735e51fb365822382bdd54f38d38472
de0595d0f4eea5b2dcaafe50f68da3cca1a6bbc59d350ef015b17023b196a712
de245c18fe5f7c9719b55d162a9d23dbf575829e0e9935004438add727f386cb
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6de2bd9b5cb6e9ebfbf874940becb16016151d713ee19049eab99dfe0965ebc
eda85cc307eb4b4fa2e2ba2ab5e711b4d0285ca79a60c5810584ddee29da7997
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb7c8ff814b911a5468dabc255818ab7e0baa22053a9067253c4326cd7801f9
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5f3fb1604f09c9156556f82dddcd188e7e13d0d9585f104d428b880858ba019