urlscan.io logo urlscan.io
SecurityTrails logo

kitchen.heenglish.com Open in urlscan Pro
2606:4700:3034::ac43:a65b  Public Scan

Go To Rescan Add Verdict Report
URL: https://kitchen.heenglish.com/
Submission: On December 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 8 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3034::ac43:a65b, located in United States and belongs to CLOUDFLARENET, US. The main domain is kitchen.heenglish.com.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2023. Valid for: 3 months.
This is the only time kitchen.heenglish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3034::ac43:a65b (United States)

ASN13335 (CLOUDFLARENET, US)
kitchen.heenglish.com
12    2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c0b::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
www.googleadservices.com
1    2607:f8b0:4004:c0b::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
344 KB
9 heenglish.com
kitchen.heenglish.com
193 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
54 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
47 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
42 8
Domain Requested by
12 pagead2.googlesyndication.com kitchen.heenglish.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 kitchen.heenglish.com kitchen.heenglish.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
42 10

This site contains links to these domains. Also see Links.

Domain
generatepress.com
Subject Issuer Validity Valid
heenglish.com
GTS CA 1P5		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://kitchen.heenglish.com/
Frame ID: 8D2FD6C7DE180F9B6548C472ADBF601A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 8B78BB931DF1BACD28101E29DD3FC211
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7785906137093181&output=html&adk=1812271804&adf=3025194257&lmt=1703732354&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fkitchen.heenglish.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703732354419&bpp=3&bdt=115&idt=149&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6555042587267&frm=20&pv=2&ga_vid=298781225.1703732355&ga_sid=1703732355&ga_hid=2075510138&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320884&oid=2&pvsid=255565980950816&tmod=1726368796&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=168
Frame ID: 3E5E89905F9CB92EC09296C78C302906
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E9674E4CCFB5AC700567BD446C4E5263
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 9FD79EFE36A630FC42AA4127374DEF62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E39895D8848BA630BAAF1FE06E072C0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63592FEF36210EAF80F2E18163E7F087
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kitchen.heenglish.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

42
Requests

95 %
HTTPS

90 %
IPv6

8
Domains

10
Subdomains

11
IPs

1
Countries

705 kB
Transfer

1720 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYTlcguSMZY-AKOCH2fcPxYaygA2B28r-dPSDjsnIEmQQASCam8KbAWDJxqmLwKTYD6ABlfPZkirIAQmpAmKWaCjAw0k-qAMByAPLBKoE6gFP0ElHxtDQCHunOxn5tNNwh3PKebtX2mqjLQu5OhWlhh-6R7VdUmDKdwzJ9byzBAaBJ4YYwHuL46FiWxa-KIHIjC8cPyDVZqzwgok71uNKP37woMlIcT8BPnixK0pNruyOmLjIKp54A-jqn5HebBFaqd9ES9NHRVHy1xZYq8nVeI_-v7EfjDOIR5Z5ERaFKzwX1wvIQs7CDkd6PylnSnB-8HYjktyxbCG2TNiwfZQ_862yx-EQcxqQ-l_RblkxrqAuzB2c6V3upUt1G1zZsiXPlFXIins4HlW9QgXY29-2phGW7624__1xzD3ABImp89nCBIgFz_yA1UySBQQIBBgBkgUECAUYBKAGLoAHlauq8gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRColeoE0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljyxKfOkbGDA5oJ2gJodHRwczovL2tub3dsZWRnZXNoYXJlci5uZXQvYXJ0aWNsZS8xMDUzMD91dG1fdGVybT1ISVYlMjBCaWt0YXJ2eSUyMEluamVjdGFibGUlMjBNZWRpY2F0aW9ucyUyMGluJTIwW3N0YXRlXSxQcmUlMjBIaXYlMjBNZWRpY2F0aW9uJTIwaW4lMjBbc3RhdGVdLFByZSUyMEhpdiUyME1lZGljaW5lJTIwaW4lMjBbc3RhdGVdLFByZS1FeHBvc3VyZSUyMFByb3BoeWxheGlzJTIwKHByZXApJTIwRm9yJTIwSGl2LERlc2NvdnklMjBIaXYlMjBQcmVwJTIwTWVkaWNhdGlvbiUyMFRvJTIwUHJldmVudCUyMEFpZHMsTWVkaWNhdGlvbiUyMFRvJTIwUHJldmVudCUyMEFpZHMmY2FtcF9pZD0yNjQ1MjYmZ2RuMT1uZXR3b3JrgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLaDBEKCxCQ8azYq86B2O4BEgIBA7gT5APYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNzc4NTkwNjEzNzA5MzE4MRgA&sigh=RdS9Q08kxI4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_WmBx1kBphm-1ZBxNliNw4EBBOV4qCmZdjZexTaG_S2wzSeMNDsHUX4y9RTzFs_gUMALoAFLPEyWUwzhJYNDlSwhoBk0cOSTO-LUYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3a05f6e1e776fd00000000000000000%22,%222%22:%220x880c4aaa45324a380000000000000000%22,%223%22:%220xac0dda3c905552cc0000000000000000%22,%224%22:%220xdd02f7423c4003ad0000000000000000%22,%225%22:%220x73084d12ea551f0d0000000000000000%22},%22debug_key%22:%2211501408371661211246%22,%22debug_reporting%22:true,%22destination%22:%22https://knowledgesharer.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313510805%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214475179717444704129%22}&andc=true

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kitchen.heenglish.com/ 		60 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5228b16226d8b6545aac73ba64e132b5243b18fd78b5ec4554730521a05b9279

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83c68bce2ad7199d-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 02:59:14 GMT
link
<https://kitchen.heenglish.com/index.php?rest_route=/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op%2F3AjkSx7n45Jj08Xaolv3AY%2Bnb2MsYfgK1XiQyT%2B4NKCnU2aNNStySo%2FWM%2FVL%2FokR8dTQBd1PAJQBmOf6OZM%2BFoelHvLAS0nUC31Ye%2BMzNR4CCsVX%2Fuo3xWc4%2F6lr7nJEMCh%2B1xiKfoM2CM2CCmOmvAyQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-ua-compatible
IE=edge
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b6c5f5c44b627e4614d296842782f6907d2c71bc5bb19e6041cb155345210c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kitchen.heenglish.com/
Origin
https://kitchen.heenglish.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51251
x-xss-protection
0
server
cafe
etag
1536964026219198179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:59:14 GMT
style.min.css
kitchen.heenglish.com/wp-includes/css/dist/block-library/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kitchen.heenglish.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 24 Dec 2023 07:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1add3-6587d81e-904707;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWW6WDhSCgkJG%2BtfcX7E39pkShP%2BpUFPeqIVfueelzu2AcZewsd6UWvuFJ0yX6RjIgm6cG%2FnQdvPeMs%2FII6JkyRZWICVyEXutR0Uf8MrsbBblwJqnBPtxSgoOvtEuyOYTUvVFUEl8wyo0KNtpv%2BnWPIN5sY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83c68bce6b08199d-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jan 2024 02:59:14 GMT
main.min.css
kitchen.heenglish.com/wp-content/themes/generatepress/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kitchen.heenglish.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 24 Dec 2023 08:16:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4c6e-6587e8e2-979a2e;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijGaIkvK%2BbL%2FqLXBc5HJigcirNpPrZ9t9pB3cJTsDiyw7YCxxEsNsjO1RBw1T8nuEdWz74mOoVlsM0lPt9JsbFR9SRC%2BYrLYQk3oZrDGn6hnQ%2FibuzwAnAENIwrbdS0GYCgKpkTfKIrCtVwTC3PZMHQkwb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83c68bce6b0a199d-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jan 2024 02:59:14 GMT
can-you-put-blinds-in-the-dishwasher.jpg
kitchen.heenglish.com/wp-content/uploads/2023/12/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kitchen.heenglish.com/wp-content/uploads/2023/12/can-you-put-blinds-in-the-dishwasher.jpg
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
275e8f992e3759ea9ec4454cdffe14853f43546f240e439bec4c8abd65d9432a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Dec 2023 12:31:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a021-6588249d-90633f;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjRQjON8nq67KF5y9lR4OF%2Fl3iTA3P5qoUIaozf3lSoHa3sCWUoNroREbizDv2tXbsIMW6vyKjj9RqN8IEdKWcet0neBUx9CFxtP8%2BwjvMcZ8wHdBnCZKyHzy3I9PCOL8mESaup4k1g5Ka5twq3bhfAQMEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83c68bce6b0c199d-EWR
alt-svc
h3=":443"; ma=86400
content-length
40993
expires
Thu, 04 Jan 2024 02:59:14 GMT
how-to-use-dishwasher-youtube.jpg
kitchen.heenglish.com/wp-content/uploads/2023/12/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kitchen.heenglish.com/wp-content/uploads/2023/12/how-to-use-dishwasher-youtube.jpg
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b894544bfd770a62b9b953555712632b341b8d754b15dd9a6665ac2b4c9418

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Dec 2023 12:28:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d0b4-65882401-90633c;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmnOTmW7U5hLNMpSNzlxUNMLxtz%2FYbyht5XVXNpdc9FiE0sY%2BRfmFoRU5i60kuFh%2F8xzsVHF31uwFeqQUVrea0RpaZF3tgc1LbZa5pxyaSjPPAqNvq22EXiuz0nQo%2BcWEo39xh5ouQv2wLKdMKVvVX2TMLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83c68bce6b0d199d-EWR
alt-svc
h3=":443"; ma=86400
content-length
53428
expires
Thu, 04 Jan 2024 02:59:14 GMT
hotel-where-giraffes-come-to-your-window.jpg
kitchen.heenglish.com/wp-content/uploads/2023/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kitchen.heenglish.com/wp-content/uploads/2023/12/hotel-where-giraffes-come-to-your-window.jpg
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10dd4be5a1f0bba7a4e864f41eb6179797b772949431c3b4b4b36b9c36d62de8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Dec 2023 12:14:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7a0f-65882097-906333;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1qj1EaFuyyW7l1psMB3psw4bMHGb77tKfXcz0tpSxPj9WT5zT09ScVXAJTKH300mbNg2JkuQ0Tq0NuZPasclMfKQOaNrKJuGNyiWna0ABTcwMNSLww0Q0zAyAV23cQrpZNfgNY9uAxliRabj4z26qWl92o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83c68bce6b0e199d-EWR
alt-svc
h3=":443"; ma=86400
content-length
31247
expires
Thu, 04 Jan 2024 02:59:14 GMT
menu.min.js
kitchen.heenglish.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kitchen.heenglish.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 24 Dec 2023 08:16:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1b3f-6587e8e2-979a53;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Fwp8fdiDVYTDcl4YMnjl6HkFgpTyH3SS%2F4HgyStDOkQTTRttDV57nsl7mrIuA8pPczWhk0M%2FPA9R%2F%2BrZF970IOWMRFhp4FA%2BCRSAlYicVKn5OdCEwUFsJJVwQYvjFpwdqK9wPoy9X2BxcZaielEUyONUKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83c68bce9b3e199d-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jan 2024 02:59:14 GMT
6581b262-bc50-4ab5-8be0-3797072e4950
https://kitchen.heenglish.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://kitchen.heenglish.com/6581b262-bc50-4ab5-8be0-3797072e4950
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
2.-Why-Coinbase-is-the-best-exchange-for-day-trading.jpg
kitchen.heenglish.com/wp-content/uploads/2023/12/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kitchen.heenglish.com/wp-content/uploads/2023/12/2.-Why-Coinbase-is-the-best-exchange-for-day-trading.jpg
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5003ee41fac8c44cfb3bf92db53c82897ef3220f01d62b315a46ad851e54b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2365
alt-svc
h3=":443"; ma=86400
content-length
30750
last-modified
Sun, 24 Dec 2023 12:12:04 GMT
server
cloudflare
etag
"781e-65882014-906330;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUmXAqfZEOkUiGjVSA6wwTpgpEzaNjGBXvJ%2FanwTPf1M0FKBlYGvQ%2Fmb9O1NHQVIctj38lBMC6Z7MKzicqF8IWEz1M%2FSDHVMSHR40ZUfSDgKwNeHribvrjG4FGyYqxks4tE4xE80ShlWVhYFD6RHdKV%2Bayc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83c68bcee9f31829-EWR
expires
Thu, 04 Jan 2024 02:19:49 GMT
wp-emoji-release.min.js
kitchen.heenglish.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kitchen.heenglish.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Dec 2023 07:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9773
etag
W/"4904-6587d81e-904de5;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KskoECHN2ofipvyNH%2BkxZnQLuagUlOZ5rfyHJlyh6zjHn7A62CFQIGn%2F3YQwm9lezK7ITEeic1uGJ%2BJLchSRTGDxOS9z314Tj24%2BgdWsJwoRqXH26ak%2FA9v69lqqbZAWC2lHvEkbjHyiMvVwpIjdz4pS1eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83c68bcee9fa1829-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jan 2024 00:16:21 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137920
x-xss-protection
0
server
cafe
etag
5399571436788735572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:59:14 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8B78 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kitchen.heenglish.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
28230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 19:08:44 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 19:08:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E5E 		149 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7785906137093181&output=html&adk=1812271804&adf=3025194257&lmt=1703732354&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fkitchen.heenglish.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703732354419&bpp=3&bdt=115&idt=149&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6555042587267&frm=20&pv=2&ga_vid=298781225.1703732355&ga_sid=1703732355&ga_hid=2075510138&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320884&oid=2&pvsid=255565980950816&tmod=1726368796&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c89b2e3fe20e87f89b102ca3d1f9603c11a521b0e3ba088cb6ccbaabe3ec3d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kitchen.heenglish.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45844
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 02:59:15 GMT
expires
Thu, 28 Dec 2023 02:59:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://kitchen.heenglish.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://kitchen.heenglish.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94ba7a5dc1b9ef7f00ff51157a06e9c75f52da9bdf04d114c3263c3f98bcc367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55995
x-xss-protection
0
server
cafe
etag
15090547293979274280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:59:15 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E967 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kitchen.heenglish.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
12323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 23:33:52 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 23:33:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame E967 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 02:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 01:24:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 02:59:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E967 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 05:53:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 05:53:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E967 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 03:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
84229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 03:35:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E967 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 20:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
22941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 20:36:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E967 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 07:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
70579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 07:22:56 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E967 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:59:15 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame E967 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 04:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Mar 2024 04:37:23 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/7210774015795720482/ Frame E967 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7210774015795720482/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6752b786e354d412bf25d70eebc7246de8476ffe09a537615009c06fbca90572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 15:53:36 GMT
date
Tue, 26 Dec 2023 15:53:36 GMT
x-content-type-options
nosniff
age
126339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22257
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 11:36:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/8549610584945274010/ Frame E967 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8549610584945274010/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0df3e78ef94622b0a4cb9b4fe8823ea6a3d5fbf720e9a667900c938c33fb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 10:01:35 GMT
date
Tue, 26 Dec 2023 10:01:35 GMT
x-content-type-options
nosniff
age
147460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3897
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 11:36:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame E967 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf131434f24d3c391eca3adb23bb21317a50ecbb4a098ea76f386f4f8ccfd018

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E967 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 09:18:29 GMT
x-content-type-options
nosniff
age
409246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Dec 2024 09:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E967 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 04:35:26 GMT
x-content-type-options
nosniff
age
167029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 04:35:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame E967
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYTlcguSMZY-AKOCH2fcPxYaygA2B28r-dPSDjsnIEmQQASCam8KbAWDJxqmLwKTYD6ABlfPZkirIAQmpAmKWaCjAw0k-qAMByAPLBKoE6gFP0ElHxtDQCHunOxn5tNNwh3PKebtX2mqjLQu...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3a05f6e1e776fd00000000000000000%22,%222%22:%220x880c4aaa45324a380000000000000000%22,%223%22:%220xac0dda...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3a05f6e1e776fd00000000000000000%22,%222%22:%220x880c4aaa45324a380000000000000000%22,%223%22:%220xac0dda3c905552cc0000000000000000%22,%224%22:%220xdd02f7423c4003ad0000000000000000%22,%225%22:%220x73084d12ea551f0d0000000000000000%22},%22debug_key%22:%2211501408371661211246%22,%22debug_reporting%22:true,%22destination%22:%22https://knowledgesharer.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313510805%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214475179717444704129%22}&andc=true
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc3a05f6e1e776fd00000000000000000","2":"0x880c4aaa45324a380000000000000000","3":"0xac0dda3c905552cc0000000000000000","4":"0xdd02f7423c4003ad0000000000000000","5":"0x73084d12ea551f0d0000000000000000"},"debug_key":"11501408371661211246","debug_reporting":true,"destination":"https://knowledgesharer.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313510805"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"14475179717444704129"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 28 Dec 2023 02:59:15 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 28 Dec 2023 02:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc3a05f6e1e776fd00000000000000000","2":"0x880c4aaa45324a380000000000000000","3":"0xac0dda3c905552cc0000000000000000","4":"0xdd02f7423c4003ad0000000000000000","5":"0x73084d12ea551f0d0000000000000000"},"debug_key":"11501408371661211246","debug_reporting":true,"destination":"https://knowledgesharer.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313510805"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"14475179717444704129"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc8b2f3d70c62dbd806eab730852a7f79ff138003b848e0e098da666e350827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12209
x-xss-protection
0
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame 9FD7 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: kitchen.heenglish.com
URL: https://kitchen.heenglish.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
63713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 09:17:22 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://kitchen.heenglish.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3a05f6e1e776fd00000000000000000%22,%222%22:%220x880c4aaa45324a380000000000000000%22,%223%22:%220xac0dda3c905552cc0000000000000000%22,%224%22:%220xdd02f7423c4003ad0000000000000000%22,%225%22:%220x73084d12ea551f0d0000000000000000%22},%22debug_key%22:%2211501408371661211246%22,%22debug_reporting%22:true,%22destination%22:%22https://knowledgesharer.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313510805%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214475179717444704129%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 02:59:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 02:59:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E398 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kitchen.heenglish.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
13252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 23:18:23 GMT
expires
Thu, 26 Dec 2024 23:18:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6359 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec894cf3bb096af577e76ef22ba12396e4480738025e5dd782563edc98cf0e05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--yKW_rSWrjNSegFg82Kr9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kitchen.heenglish.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--yKW_rSWrjNSegFg82Kr9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 02:59:15 GMT
expires
Thu, 28 Dec 2023 02:59:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E398 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 18:42:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
29788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 18:42:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6359 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=255565980950816&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E398 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ekTlcA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:59:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=255565980950816&bg=!oqGloe7NAAY3kmNgF5I7ADQBe5WfOOW2yDu49f5ggS2gSv1bmVrKcG5S7CKH3cybB-zifKXYZk3kMvxvxmVABy9XcSIDAgAAAFZSAAAAAmgBBwoAGhC4AesSPAi2R9V2eLDaapz3ZpMP2e9hNt_emQMPfC0mKytE2kmRFMdc_6AfsKxMm_3j4YQq_pklFin7V-hpfD64oFmPH6TiI1sivSfO8XbHRQyyJc-1a9QmWh0p60oIyHij_MCR20h0Sb9gx6JGO7uo1cMqsbDaYW5G3G3G0cEZrWoqang8a-KoERrV1il55RDaaYXLTS-pSa9LNJUv-t1sIeRtZFR605FZ849AmiFBmaT44Nhfek_tdsQeeUw0542Ja6hmdcEMcByysQWvVHpHUf8MQ33KcYVUXxt9xIlSi6LgH34qw54Vf1aKzUCzibWCEQ8UDx0_2H9gw_SulaGsLUKcWePJSRKmN3DZpF3SI1l_NjbKRVg9bqonNp7xRR85ZnFq_N8cgUzY4GcrcoDObd75yrGv6_Z3sYGmI9MmeTQ7fHkbhE2W_FBppx6shJJ_qdTrkzsUFrMJzJAzDuNjwSKY-4ik8fR51vFtg24rCKG-ILW2KFGBRsWa6XAWqanXoPgU78faKZ65J5ssR3G0RBhpBvyJGBd-cwq4ElgloOn8o6fQclwJojI_mfoM_mtDOo-R1JndEwDbj6nQgxQw1o-0yQetQntGnWUkLkdj583h8I0AxFXLMnAdP68iNejli7TFTK8S9lWHFf5UVBtB3DojSvKGrpZVfdfip3Ji6OIqotv4xcsMmoiR0lpcA9S0kpDxINBu3t8uGYQR5LV4tdqRJFQPU3pkqiZNzSKNPDh28exqfda3wNZhbyPtbSoi84Q3zOYZuJaAqTylwRxrms1qUlYGKUtP04Xv_bMbNJGM8VUZWuhVsrfnsy60fXeS3rPuLrRlLI_ZQzQeHZ5OkNBYn1toxgJKpsLU0OcTtZTdzz548JJhanP_1dB2LYLJwqWDedR5tlSo_hdy47sImI1C1ARGyIJM8SvPKV2lgddzVUzfEvY9NAb5MDt934x0Hrqdry0BbNf8-h_8kE4sO9XYzUD4XojLws5NUAlteQXVYV4QgDnbvvVT_D7yDxlZ5wZj9Gf88T-3nNJ7acRYwGdjF8NxfWwtOFOMZtcjIkJ4U43fTR7xGzy4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kitchen.heenglish.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame E967 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNCYqN9xtHr0Mq1OXUSnpOB4zO1YYH3i3FEd9-C33ZGVM1SJONOQKTFtyN-DDxyRkMT-O3zjlDNLUnRYRC3juIeV3wimUqmJG5HePLVEdRva396Edhb1J0gOUySkN9Y-KT0u8um8WS_Q79flJy8UeHlP2R&sai=AMfl-YRumHT3J0lZimAX6mjd90j2KisotzAIYEIrCKHx5dUsyTv_xsKlbICXbZ-EkSO8NH0aSe1nrd8QRJY3QPf_dKYLIs26xMQC3sYoqTSVZI3cUjGnjfretJpep0ZkC_pXXCppsIBxmEQDz6wwBBQ4Tg&sig=Cg0ArKJSzMZxdk0o5d5aEAE&cid=CAQSTwAvHhf_WmBx1kBphm-1ZBxNliNw4EBBOV4qCmZdjZexTaG_S2wzSeMNDsHUX4y9RTzFs_gUMALoAFLPEyWUwzhJYNDlSwhoBk0cOSTO-LUYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,753,1000,1090,1187&tos=83,670,247,90,97&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703732355344&rpt=190&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:59:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| _wpemojiSettings object| generatepressMenu object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.heenglish.com/ Name: __gads
Value: ID=80634aa6788e7645:T=1703732354:RT=1703732354:S=ALNI_Mb6J5eAn0hurGC6mw7h9mXvGuBj4w
.heenglish.com/ Name: __gpi
Value: UID=00000dae87288242:T=1703732354:RT=1703732354:S=ALNI_MYPnXLfGKh81l3z6EN7ZFPccKAvOQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnpOunt_7zfZBOPDw439nRItv4C3NHA27dkQhSsGFZsOygJ5iHFq5KTcDAtOe0
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kitchen.heenglish.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.251.16.156
2606:4700:3034::ac43:a65b
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c0b::93
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::84
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0b6c5f5c44b627e4614d296842782f6907d2c71bc5bb19e6041cb155345210c4
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10dd4be5a1f0bba7a4e864f41eb6179797b772949431c3b4b4b36b9c36d62de8
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
275e8f992e3759ea9ec4454cdffe14853f43546f240e439bec4c8abd65d9432a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38b894544bfd770a62b9b953555712632b341b8d754b15dd9a6665ac2b4c9418
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4c89b2e3fe20e87f89b102ca3d1f9603c11a521b0e3ba088cb6ccbaabe3ec3d0
4dc8b2f3d70c62dbd806eab730852a7f79ff138003b848e0e098da666e350827
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5228b16226d8b6545aac73ba64e132b5243b18fd78b5ec4554730521a05b9279
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6752b786e354d412bf25d70eebc7246de8476ffe09a537615009c06fbca90572
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
7b0df3e78ef94622b0a4cb9b4fe8823ea6a3d5fbf720e9a667900c938c33fb2a
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
94ba7a5dc1b9ef7f00ff51157a06e9c75f52da9bdf04d114c3263c3f98bcc367
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
bf131434f24d3c391eca3adb23bb21317a50ecbb4a098ea76f386f4f8ccfd018
cf5003ee41fac8c44cfb3bf92db53c82897ef3220f01d62b315a46ad851e54b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
ec894cf3bb096af577e76ef22ba12396e4480738025e5dd782563edc98cf0e05
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615