trustedsource.us Open in urlscan Pro
162.144.7.229 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://trustedsource.us/
Submission: On December 05 via manual (December 5th 2021, 11:26:59 am UTC) from AU — Scanned from US

Summary HTTP 137 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 137 HTTP transactions. The main IP is 162.144.7.229, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is trustedsource.us.

This is the only time trustedsource.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	162.144.7.229 162.144.7.229	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
4	2001:67c:4e8:... 2001:67c:4e8:1033:5:100:0:a	62041 (TELEGRAM) (TELEGRAM)
1 2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
137	15

29 162.144.7.229 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-7-229.unifiedlayer.com

trustedsource.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2008 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:67c:4e8:1033:5:100:0:a (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	468 KB
29	trustedsource.us trustedsource.us	3 MB
27	gstatic.com fonts.gstatic.com www.gstatic.com	330 KB
13	doubleclick.net googleads.g.doubleclick.net	169 KB
8	googleapis.com fonts.googleapis.com	6 KB
5	googletagservices.com www.googletagservices.com	183 KB
4	telegram.org telegram.org	42 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com	54 KB
1	googleadservices.com partner.googleadservices.com	648 B
1	google-analytics.com www.google-analytics.com	346 B
0	Failed function sub() { [native code] }. Failed
137	12

	Domain	Requested by
29	trustedsource.us	trustedsource.us
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	trustedsource.us pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
15	www.gstatic.com	googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net trustedsource.us
12	fonts.gstatic.com	fonts.googleapis.com
8	fonts.googleapis.com	trustedsource.us googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	telegram.org	trustedsource.us telegram.org
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	www.googletagmanager.com	1 redirects trustedsource.us
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
0	resolve Failed	trustedsource.us
137	15

This site contains links to these domains. Also see Links.

Domain
t.me
superbthemes.com

Subject Issuer	Validity	Valid
trustedsource.us R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2021-09-10` - `2022-10-09`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://trustedsource.us/
Frame ID: B1422ECEF6EF1A38C7382061EAA26B2A
Requests: 44 HTTP requests in this frame

Frame: tg://resolve?domain=infowarsnew
Frame ID: 1B39AE0870A13ABC7A3ACBEEE32253AA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: ED330649E71404D8BECAA440648D890B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&adk=1812271804&adf=3025194257&lmt=1638497895&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ftrustedsource.us%2F&ea=0&flash=0&pra=5&wgl=1&dt=1638703614541&bpp=3&bdt=853&idt=298&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3844171193240&frm=20&pv=2&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: 77DE8F14D0381321D8272C2FE94DC521
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=100&slotname=9988670153&adk=104031582&adf=3178948119&pi=t.ma~as.9988670153&w=320&lmt=1638497895&psa=0&format=320x100&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&wgl=1&dt=1638703614544&bpp=2&bdt=855&idt=321&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=820&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=b1ALtE4ALo&p=http%3A//trustedsource.us&dtd=326
Frame ID: D3A29A01EF390C60F50052AD41742D18
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BD7273C3CC4A4C7E05B59EC10C2AA87F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=3264512814&adf=202238267&pi=t.aa~a.2277143977~rp.1&w=1180&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1180x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=2&bdt=2472&idt=-M&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100&nras=2&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=2936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vsyOfF2SvA&p=http%3A//trustedsource.us&dtd=15
Frame ID: 1E39582B660B4C2BFEF6F3EC576AE0CC
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=83862074&adf=701034044&pi=t.aa~a.975067266~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1130x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=1&bdt=2473&idt=1&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100%2C1180x280&nras=3&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=3236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ctrp72ddKu&p=http%3A//trustedsource.us&dtd=23
Frame ID: 05690E3B468E11C3264133651EDFE100
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 93C63307553492191E87B961CFC5D2D2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 49A090F1E9A1B47DC877C9A1E7B2F791
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4D281537230B8985F73E862DD4CE992C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: BE78769F5F0DFA4339778D0A739E343B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 35E8F4FB6C1EBB75212BDC5144C07F80
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 1376B962F836045816ABDBC38794D491
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 00530863C67045DED7021DF2D293F059
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 2A7BD8816A4DD2456612766D700BEA42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9307E060F94DBD4A69D81953D693B4E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BD54D3AC9799C3CDCABE2442B8E13F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trusted Source – Info US

Page Statistics

137
Requests

93 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

4220 kB
Transfer

6369 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/infowarsnew
Title: Follow us on Telegram

Search URL Search Domain Scan URL

URL: https://superbthemes.com/
Title: Newspaperly WordPress Theme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71 HTTP 302
https://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

137 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
trustedsource.us/ 48 KB
17 KB 327ms
179ms Document
text/html 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://trustedsource.us/
Protocol: HTTP/1.1
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: nginx/1.19.10 /
Resource Hash: 59a01b398256f0ec52dc2114d08253afb5e95de5b30e1c42ebe0a6231ec7b1cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

Date: Sun, 05 Dec 2021 11:26:53 GMT
Server: nginx/1.19.10
Content-Type: text/html
Last-Modified: Fri, 03 Dec 2021 02:18:15 GMT
Accept-Ranges: none
Cache-Control: max-age=7200
Expires: Sun, 05 Dec 2021 13:26:53 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: false
Transfer-Encoding: chunked

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71
https://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71

141 KB
53 KB

231ms
94ms

Script
application/javascript

2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71

Requested by

Host: trustedsource.us
URL: http://trustedsource.us/

Protocol

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11df080d7b88d6489f1c2bd22df89648ac5b99fc11e78a1268a6a3674cdb3f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54287
x-xss-protection: 0
expires: Sun, 05 Dec 2021 11:26:54 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71
Date: Sun, 05 Dec 2021 11:26:53 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 style.min.css
trustedsource.us/wp-includes/css/dist/block-library/ 79 KB
14 KB 455ms
264ms Stylesheet
text/css 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Jul 2021 03:12:19 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14560
expires: Tue, 04 Jan 2022 11:26:53 GMT

GET
H2 200 style.min.css
trustedsource.us/wp-includes/css/dist/components/ 119 KB
27 KB 488ms
296ms Stylesheet
text/css 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-includes/css/dist/components/style.min.css?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 267e5fb978fa691c1b12174c588280dd4e69df0123957736d771b9f1dcd13f76

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Jul 2021 03:12:19 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 04 Jan 2022 11:26:53 GMT

GET
H2 200 wptelegram-widget--blocks.c6bba460.css
trustedsource.us/wp-content/plugins/wptelegram-widget/assets/static/css/ 2 KB
633 B 488ms
297ms Stylesheet
text/css 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/plugins/wptelegram-widget/assets/static/css/wptelegram-widget--blocks.c6bba460.css?ver=1638490496
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 14f84067c4fcd3b1849424e7452aef05467efc71e56a37c485f322e27749a6f6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 03 Dec 2021 00:14:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 597
expires: Tue, 04 Jan 2022 11:26:53 GMT

GET
H2 200 wptelegram-widget--public.3d0c567f.css
trustedsource.us/wp-content/plugins/wptelegram-widget/assets/static/css/ 189 B
351 B 330ms
139ms Stylesheet
text/css 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/plugins/wptelegram-widget/assets/static/css/wptelegram-widget--public.3d0c567f.css?ver=1638490496
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: f505721ee18395f6daf5e931b0a05dffe424af64b9d1ad3688952c1c5136b221

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 03 Dec 2021 00:14:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 158
expires: Tue, 04 Jan 2022 11:26:53 GMT

GET
H2 200 font-awesome.min.css
trustedsource.us/wp-content/themes/newspaperly/css/ 30 KB
7 KB 335ms
145ms Stylesheet
text/css 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/themes/newspaperly/css/font-awesome.min.css?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 27 Nov 2021 18:03:48 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7114
expires: Tue, 04 Jan 2022 11:26:53 GMT

GET
H2 200 style.css
trustedsource.us/wp-content/themes/newspaperly/ 45 KB
14 KB 392ms
201ms Stylesheet
text/css 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/themes/newspaperly/style.css?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 0e7b8244ae1de888553871f9fcb220d1119da5bac453ed7f31415bc4ea151ea5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 27 Nov 2021 18:03:48 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14322
expires: Tue, 04 Jan 2022 11:26:53 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 145ms
115ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=5.8.2

Requested by

Host: trustedsource.us
URL: http://trustedsource.us/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7135f3fc8d8803f4b761a7646816a860af71831332a51a80ae3d457c7b60b8f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 11:26:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 05 Dec 2021 11:26:53 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Dec 2021 11:26:53 GMT

GET
H2 200 frontend-gtag.min.js Show response
trustedsource.us/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
4 KB 399ms
209ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.2.0
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 02 Dec 2021 00:48:37 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 3785
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 jquery.min.js Show response
trustedsource.us/wp-includes/js/jquery/ 87 KB
38 KB 400ms
210ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Jul 2021 03:12:18 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
trustedsource.us/wp-includes/js/jquery/ 11 KB
5 KB 482ms
293ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 18 Nov 2020 20:36:06 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 4618
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 234ms
95ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5299499940500604

Requested by

Host: trustedsource.us
URL: http://trustedsource.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

955b263d6c91c12cebcf6da0fa4834f01d2e2d3e7ba3e109e567681de5470c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trustedsource.us/
Origin: http://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51214
x-xss-protection: 0
server: cafe
etag: 17450038814326140882
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Dec 2021 11:26:54 GMT

GET
H2 200 wp-emoji-release.min.js Show response
trustedsource.us/wp-includes/js/ 18 KB
5 KB 106ms
105ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Jul 2021 03:12:18 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 5243
expires: Sun, 05 Dec 2021 17:26:54 GMT

GET
H2 200 wptelegram-widget--public.f398a08e.js Show response
trustedsource.us/wp-content/plugins/wptelegram-widget/assets/static/js/ 1 KB
728 B 411ms
264ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/plugins/wptelegram-widget/assets/static/js/wptelegram-widget--public.f398a08e.js?ver=6f2d48cea875402034a64db7d2baf0b0
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 6bbc194b7b471c236c4cd6d1077e56bba2ef4a8cb1820713bec002bc267cde48

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 03 Dec 2021 00:14:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 692
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 navigation.js Show response
trustedsource.us/wp-content/themes/newspaperly/js/ 3 KB
1 KB 427ms
281ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/themes/newspaperly/js/navigation.js?ver=20170823
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 27 Nov 2021 18:03:48 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1168
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 skip-link-focus-fix.js Show response
trustedsource.us/wp-content/themes/newspaperly/js/ 685 B
453 B 440ms
294ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 27 Nov 2021 18:03:48 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 417
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 jquery.flexslider.js Show response
trustedsource.us/wp-content/themes/newspaperly/js/ 53 KB
16 KB 442ms
297ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 27 Nov 2021 18:03:48 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 16281
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 script.js Show response
trustedsource.us/wp-content/themes/newspaperly/js/ 4 KB
1 KB 440ms
295ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/themes/newspaperly/js/script.js?ver=20160720
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 27 Nov 2021 18:03:48 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1228
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 script.js Show response
trustedsource.us/wp-content/plugins/visual-footer-credit-remover/ 140 B
177 B 439ms
293ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-content/plugins/visual-footer-credit-remover/script.js?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 3a70d4f27e5fd6c8f262ed7531bf2f8e9207b467d0f0c919f16248fe923e7e80

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 26 Jun 2021 19:53:53 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 119
expires: Sun, 05 Dec 2021 17:26:53 GMT

GET
H2 200 wp-embed.min.js Show response
trustedsource.us/wp-includes/js/ 1 KB
886 B 351ms
206ms Script
application/javascript 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 07 Jan 2021 02:59:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 777
expires: Sun, 05 Dec 2021 17:26:53 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
346 B 214ms
76ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HC2W1XST71&gtm=2oec10&_p=1742683163&sr=1600x1200&gdid=dZGIzZG&ul=en-us&cid=111019057.1638703614&_s=1&dl=http%3A%2F%2Ftrustedsource.us%2F&dt=Trusted%20Source%20%E2%80%93%20Info%20US&sid=1638703614&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.forceSSL=true&ep.link_attribution=true
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-HC2W1XST71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://trustedsource.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://trustedsource.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bideenn.jpg
trustedsource.us/wp-content/uploads/2021/12/ 97 KB
98 KB 203ms
202ms Image
image/jpeg 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/12/bideenn.jpg
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: d0a4d9b217e50e765c6b577563f38c90d3da20d9ee12216975c9a57468fda353

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Fri, 03 Dec 2021 02:07:56 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 99658
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 Screenshot_1.png
trustedsource.us/wp-content/uploads/2021/12/ 392 KB
395 KB 106ms
106ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/12/Screenshot_1.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 763c9261be2913e2be6ee932e75c9b725c74e723ef14d44f0fbc650c99c4ac38

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Fri, 03 Dec 2021 00:40:51 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 401909
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 Screenshot_3.png
trustedsource.us/wp-content/uploads/2021/12/ 270 KB
272 KB 129ms
128ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/12/Screenshot_3.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: a5ade5d2cc2192a962c86f884df8d637800740bc438007d6120ccc97203f7e04

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Wed, 01 Dec 2021 23:50:44 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 276518
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 23sdsdsd.png
trustedsource.us/wp-content/uploads/2021/09/ 565 KB
566 KB 293ms
293ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/09/23sdsdsd.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 032943dd592de82e65d27f795895597074180f5e0c976f61554d5b02628cf077

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Wed, 29 Sep 2021 19:01:49 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 578873
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 232dsdsd1.png
trustedsource.us/wp-content/uploads/2021/09/ 449 KB
450 KB 200ms
200ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/09/232dsdsd1.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: f11710fd96374adb4475cfc1bc9ae14c333145c64c810d9dc29e7b31fbe2beb1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Mon, 27 Sep 2021 19:36:21 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 459384
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 2323dssdssd1-850x508.png
trustedsource.us/wp-content/uploads/2021/09/ 322 KB
322 KB 200ms
199ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/09/2323dssdssd1-850x508.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 8835247d09615ecd7685b6e3cd9782440a16bb9cf746ccc8a9cdeb3c16134429

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 20:14:53 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 329653
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 2323sddfdf1.png
trustedsource.us/wp-content/uploads/2021/08/ 236 KB
236 KB 198ms
198ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/08/2323sddfdf1.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 6d37456d51f978e5156c6dc58c77f71f7b40e11675ecced620bd6a60b2421e93

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Sun, 08 Aug 2021 22:11:57 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 241803
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 23sdfddfvc1.png
trustedsource.us/wp-content/uploads/2021/08/ 238 KB
238 KB 199ms
198ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/08/23sdfddfvc1.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: e0e72a3e680be2687dce309822c98d6bdb5502ef59baa90f744889ea53d81a7e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Sun, 08 Aug 2021 22:11:50 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 243644
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 2323fdfd1.png
trustedsource.us/wp-content/uploads/2021/08/ 198 KB
198 KB 197ms
197ms Image
image/png 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/08/2323fdfd1.png
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 85ae6beb34e0e906fe1b88ee87ca6a7ab72f53b748ddf00e61f684a5bb1c156f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Sun, 08 Aug 2021 22:11:43 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 202849
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H2 200 0_Screen-Shot-2021-01-07-at-013240.jpg
trustedsource.us/wp-content/uploads/2021/07/ 35 KB
35 KB 289ms
289ms Image
image/jpeg 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustedsource.us/wp-content/uploads/2021/07/0_Screen-Shot-2021-01-07-at-013240.jpg
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: 4b995443be8220c690e773e586ec77eedf9d45230752feb939af744cb4e76f6f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
x-nginx-cache: WordPress
last-modified: Sun, 08 Aug 2021 22:11:39 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36205
expires: Mon, 05 Dec 2022 11:26:54 GMT

GET
H/1.1 200
OK u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v27/ 19 KB
20 KB 128ms
98ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v27/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=5.8.2

Protocol

HTTP/1.1

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5a2b7b5ed14b466f41c272f268e0f6fa9f38c34d0ca6a5748accf006b313258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 13:23:22 GMT
X-Content-Type-Options: nosniff
Age: 338612
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 19724
X-XSS-Protection: 0
Last-Modified: Tue, 30 Nov 2021 20:49:12 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 01 Dec 2022 13:23:22 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 129ms
99ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=5.8.2

Protocol

HTTP/1.1

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 17:55:22 GMT
X-Content-Type-Options: nosniff
Age: 322292
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23484
X-XSS-Protection: 0
Last-Modified: Tue, 10 Aug 2021 00:19:01 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 01 Dec 2022 17:55:22 GMT

GET
H/1.1 200
OK u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v27/ 20 KB
20 KB 130ms
100ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v27/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=5.8.2

Protocol

HTTP/1.1

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d526a614dd31fabed89c605d7ddcb6adb1a9e2e45f3644ecbaabacf892bf038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 22:58:40 GMT
X-Content-Type-Options: nosniff
Age: 390494
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20024
X-XSS-Protection: 0
Last-Modified: Tue, 30 Nov 2021 20:49:38 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 30 Nov 2022 22:58:40 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 128ms
99ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=5.8.2

Protocol

HTTP/1.1

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 11:27:27 GMT
X-Content-Type-Options: nosniff
Age: 604767
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 22992
X-XSS-Protection: 0
Last-Modified: Tue, 10 Aug 2021 00:18:57 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Mon, 28 Nov 2022 11:27:27 GMT

GET
H2 200 / Show response
trustedsource.us/wptelegram/widget/view/@infowarsnew/ Frame 1B39 4 KB
2 KB 1706ms
1706ms Document
text/html 162.144.7.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustedsource.us/wptelegram/widget/view/@infowarsnew/
Requested by: Host: trustedsource.us
URL: http://trustedsource.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.7.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-7-229.unifiedlayer.com
Software: Apache /
Resource Hash: aff3ddf1a0e8e72e6121bf768e3a4427e2de852241addc2379d6211151a2a105

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 1426
link: <https://trustedsource.us/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=7200
expires: Sun, 05 Dec 2021 13:26:54 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 272 KB
98 KB 163ms
92ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5299499940500604

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8418ecf07079bd3d838ba5826b6c8cd60be4bff5d35cd1f5e18a2c5bdfcef9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100160
x-xss-protection: 0
server: cafe
etag: 11530802596612973073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Dec 2021 11:26:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame ED33 11 KB
5 KB 201ms
63ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5299499940500604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Dec 2021 15:51:56 GMT
expires: Sat, 18 Dec 2021 15:51:56 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 70498
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
648 B 201ms
73ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=trustedsource.us&callback=_gfp_s_&client=ca-pub-5299499940500604

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

d9d4f0fd14d09c65f56685effc78115b0845ba8e625ed9d714990f75147c8f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 221ms
82ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trustedsource.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Dec 2021 11:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 77DE 277 KB
62 KB 1123ms
1052ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&adk=1812271804&adf=3025194257&lmt=1638497895&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ftrustedsource.us%2F&ea=0&flash=0&pra=5&wgl=1&dt=1638703614541&bpp=3&bdt=853&idt=298&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3844171193240&frm=20&pv=2&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

710a4c7deb110e2ffacd99dd456ef79a4a84fa9d9646cb049361e1c589194b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Dec 2021 11:26:55 GMT
server: cafe
content-length: 63155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Dec 2021 11:26:55 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3A2 90 KB
31 KB 848ms
787ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=100&slotname=9988670153&adk=104031582&adf=3178948119&pi=t.ma~as.9988670153&w=320&lmt=1638497895&psa=0&format=320x100&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&wgl=1&dt=1638703614544&bpp=2&bdt=855&idt=321&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=820&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=b1ALtE4ALo&p=http%3A//trustedsource.us&dtd=326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76f187f2855bb00305cd5cbcaa30a4404d0c32c9d62d3b287824cf586409855e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Dec 2021 11:26:55 GMT
server: cafe
content-length: 31562
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Dec 2021 11:26:55 GMT
cache-control: private

GET
H2 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame D3A2 7 KB
4 KB 202ms
64ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=100&slotname=9988670153&adk=104031582&adf=3178948119&pi=t.ma~as.9988670153&w=320&lmt=1638497895&psa=0&format=320x100&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&wgl=1&dt=1638703614544&bpp=2&bdt=855&idt=321&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=820&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=b1ALtE4ALo&p=http%3A//trustedsource.us&dtd=326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 00:14:25 GMT

GET
H2 200 1fbe479ac890063fc5be4921f3467642.js Show response
www.gstatic.com/mysidia/ Frame D3A2 8 KB
4 KB 204ms
66ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fbe479ac890063fc5be4921f3467642.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3713
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 00:14:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D3A2 3 KB
1 KB 225ms
82ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:34:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:55 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame D3A2 1 KB
960 B 65ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:02:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame D3A2 19 KB
8 KB 201ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:03:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame D3A2 2 KB
1 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:23:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3A2 119 KB
37 KB 244ms
96ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 11:26:55 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame D3A2 15 KB
6 KB 203ms
70ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:17:01 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame D3A2 27 KB
11 KB 137ms
65ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 00:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 01 Mar 2022 00:38:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3A2 0
0 89ms
88ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzNFh_qGsYYqKPNK8owblwq-wCcvypaxm54f2s9kOq86AzZwjEAEgmJeOZmDJhoCA3KPEEKAB4pXf_gPIAQGoAwHIA8sEqgT1AU_Qyt_zrhxtvPfho9W8iGChxZ30K2rtLTQGbHPPt3aL6qG08LNijIO9kAn8Sqx4Ocy4HLycka9ispO_Nm-nHlS_jZ7HeEXFxE1-Y9qJqDW-gDlRhXTJykRD9-5uMG3BKOTG6urgq6336VeMgff-iFa-R1RMjz0PoMzfAeIyI5nN39ND1M7E7Km_0x41loEcmhEWVTIdg1n061yJPxVncm_iTcm1vF9Yp2aFiX9nJb--uJo0MC0Q0BIw3jF9hzMKixmB7NBP2IFWoWzvR_BLo3YnYjEpKiaZVOUYVpwSvrOHpjF5_8S7WGhy4kjzHqVTp_ihwTYZwATG4drh3gOSBQQIBBgBkgUECAUYBIAHhuqgAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFELKl1gjSCAcIgGEQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTUyOTk0OTk5NDA1MDA2MDQYAA&sigh=6K8twvqks2c&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=100&slotname=9988670153&adk=104031582&adf=3178948119&pi=t.ma~as.9988670153&w=320&lmt=1638497895&psa=0&format=320x100&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&wgl=1&dt=1638703614544&bpp=2&bdt=855&idt=321&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=820&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=b1ALtE4ALo&p=http%3A//trustedsource.us&dtd=326
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Dec 2021 11:26:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BD72 143 B
163 B 65ms
64ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=100&slotname=9988670153&adk=104031582&adf=3178948119&pi=t.ma~as.9988670153&w=320&lmt=1638497895&psa=0&format=320x100&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&wgl=1&dt=1638703614544&bpp=2&bdt=855&idt=321&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=820&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=b1ALtE4ALo&p=http%3A//trustedsource.us&dtd=326

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 05 Dec 2021 11:06:46 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D3A2 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96a0c9459e4d05a425f87cdf718cf9fd17b57139624c95492a44f02d51ee0ee5

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D3A2 21 KB
22 KB 203ms
65ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:47:38 GMT
x-content-type-options: nosniff
age: 477558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 22:47:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D3A2 21 KB
21 KB 240ms
104ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 19:36:12 GMT
x-content-type-options: nosniff
age: 143444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 19:36:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B39 4 KB
619 B 152ms
80ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: trustedsource.us
URL: https://trustedsource.us/wptelegram/widget/view/@infowarsnew/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:37:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H2 200 bootstrap.min.css
telegram.org/css/ Frame 1B39 42 KB
10 KB 442ms
146ms Stylesheet
text/css 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/bootstrap.min.css?3

Requested by

Host: trustedsource.us
URL: https://trustedsource.us/wptelegram/widget/view/@infowarsnew/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-a61b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=345600
expires: Thu, 09 Dec 2021 11:26:56 GMT

GET
H2 200 telegram.css
telegram.org/css/ Frame 1B39 108 KB
28 KB 555ms
260ms Stylesheet
text/css 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/telegram.css?214

Requested by

Host: trustedsource.us
URL: https://trustedsource.us/wptelegram/widget/view/@infowarsnew/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

70a2f037310f330957844c65cb91137fb13cf3ace3e62a98c26ab42c90955a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 12:46:28 GMT
server: nginx/1.18.0
etag: W/"61813324-1aee2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=345600
expires: Thu, 09 Dec 2021 11:26:56 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 149 KB
53 KB 91ms
91ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06bde64115c0bf235f205c12e6a6703295d50805cd601176d46c933baa7cf378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54294
x-xss-protection: 0
server: cafe
etag: 3193842429763138962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 150ms
78ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trustedsource.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1E39 90 KB
30 KB 521ms
521ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=3264512814&adf=202238267&pi=t.aa~a.2277143977~rp.1&w=1180&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1180x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=2&bdt=2472&idt=-M&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100&nras=2&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=2936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vsyOfF2SvA&p=http%3A//trustedsource.us&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9795d0f3689b36fa96964ba6571e7dd749cf0d4ea3e33da5acdb07f11a0e6d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Dec 2021 11:26:56 GMT
server: cafe
content-length: 31015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0569 92 KB
31 KB 556ms
556ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=83862074&adf=701034044&pi=t.aa~a.975067266~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1130x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=1&bdt=2473&idt=1&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100%2C1180x280&nras=3&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=3236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ctrp72ddKu&p=http%3A//trustedsource.us&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92ef5c6553604c717711b616515fd5584392ce2d136af1a387f05665e120204e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Dec 2021 11:26:56 GMT
server: cafe
content-length: 31571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BD72
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
80ms

Document
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Dec 2021 11:26:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Dec 2021 11:26:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Dec 2021 11:26:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame 93C6 11 KB
5 KB 64ms
63ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Dec 2021 17:08:35 GMT
expires: Sat, 18 Dec 2021 17:08:35 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 65901
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame 49A0 11 KB
5 KB 66ms
66ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Dec 2021 17:08:35 GMT
expires: Sat, 18 Dec 2021 17:08:35 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 65901
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 93C6 4 KB
634 B 79ms
79ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:36:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 93C6 205 B
229 B 65ms
64ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:40:56 GMT
x-content-type-options: nosniff
age: 477960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 29 Nov 2022 22:40:56 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 93C6 604 B
628 B 66ms
65ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:11:42 GMT
x-content-type-options: nosniff
age: 40514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Dec 2022 00:11:42 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 93C6 19 KB
8 KB 189ms
117ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8210
x-xss-protection: 0
server: cafe
etag: 6499249944067270656
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 01:46:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 49A0 3 KB
579 B 80ms
80ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:31:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 49A0 1 KB
880 B 196ms
131ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:02:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 49A0 0
0 90ms
89ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwASL_qGsYcOSPI3Xowbb04PYApCkiNVmqeXe4cQNwv2nwJIOEAEgmJeOZmDJhoCA3KPEEKABoP6P0QHIAQmoAwHIA8sEqgT0AU_QhzcPEaJZRBJTRVvTPNwBsjmd5d0FXvB-sF84aL41l2U2SC5Vqv0ue9oaY-q7FGVfXiFRdCu0Lj57DqHvBt3pog5JPj23cIFuMBehvV9Kj4wRY1Tyv-oBfna8vCTWiN5a6t1MNLwomtGuwQy1cFrmaz8SgK7xvj61SlPEREK-sc260rV2izvansi_g8JsPu4O33EuDQKxrlrnwctlcjNCRVvfw_AQL5aqOFILUfitMhFhAJvW46fxOQghjgcXih8JMTCmadgQ2EI9IsltqamfaYK0gf6-luqjU14X36ZO_VB18qfkUctzo6zwnW76Q_gp8rDABO2q3Ki3A5IFBAgEGAGSBQQIBRgEoAYugAfIgfCuAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEKmDkwTSCAcIgGEQARgfgAoByAsBuBOIJ9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi01Mjk5NDk5OTQwNTAwNjA0GAA&sigh=ajbW0b46CXI&uach_m=[UACH]&template_id=5000

Requested by

Host: trustedsource.us
URL: http://trustedsource.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Dec 2021 11:26:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 49A0 19 KB
8 KB 135ms
72ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:03:05 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 49A0 2 KB
1 KB 191ms
128ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:23:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49A0 119 KB
36 KB 156ms
86ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 49A0 15 KB
6 KB 127ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:17:01 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 49A0 27 KB
11 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 00:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 01 Mar 2022 00:38:41 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4428428388575289517/ Frame 49A0 10 KB
10 KB 144ms
85ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4428428388575289517/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb96188e6f5d6482fd35fc5d6e360bd7f5c0d11f5139f1c827bddcee6bb51e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 23:33:06 GMT
x-content-type-options: nosniff
age: 474830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9779
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 19:03:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Nov 2022 23:33:06 GMT

GET
DATA 200
OK truncated
/ Frame 49A0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 4D28 3 KB
579 B 81ms
80ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:35:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 4D28 1 KB
880 B 108ms
107ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:02:50 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 4D28 19 KB
8 KB 72ms
71ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:03:05 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 4D28 2 KB
1 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:23:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D28 119 KB
36 KB 112ms
112ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 4D28 15 KB
6 KB 81ms
80ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:17:01 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 4D28 27 KB
11 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 00:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 01 Mar 2022 00:38:41 GMT

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame BE78 35 KB
13 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:20:12 GMT

GET
DATA 200
OK truncated
/ Frame 49A0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45948729794179a8417c17af7bac47cfb614cf777af730da3a9a670ea4bcf768

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 35E8 35 KB
13 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Host: trustedsource.us
URL: http://trustedsource.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:20:12 GMT

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1376 35 KB
13 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Host: trustedsource.us
URL: http://trustedsource.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:20:12 GMT

GET
DATA 200
OK truncated
/ Frame 1B39 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Arrow_1x.png
telegram.org/img/tgme/ Frame 1B39 988 B
1 KB 141ms
141ms Image
image/png 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram.org/img/tgme/Arrow_1x.png

Requested by

Host: telegram.org
URL: https://telegram.org/css/telegram.css?214

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://telegram.org/css/telegram.css?214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: "5a05e7c6-3dc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=345600
accept-ranges: bytes
content-length: 988
expires: Thu, 09 Dec 2021 11:26:56 GMT

GET
H2 200 Mobile1x.png
telegram.org/img/tgme/ Frame 1B39 3 KB
3 KB 142ms
140ms Image
image/png 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram.org/img/tgme/Mobile1x.png?1

Requested by

Host: telegram.org
URL: https://telegram.org/css/telegram.css?214

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

8980be134f83d21785afcf8f206c753e7dbdb6359cc236e336609eb28f0115e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://telegram.org/css/telegram.css?214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: "5a05e7c6-a2d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=345600
accept-ranges: bytes
content-length: 2605
expires: Thu, 09 Dec 2021 11:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1B39 15 KB
15 KB 135ms
64ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 01:28:42 GMT
x-content-type-options: nosniff
age: 208694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 01:28:42 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1B39 15 KB
15 KB 137ms
67ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trustedsource.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options: nosniff
age: 414180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 16:23:56 GMT

GET
H3 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 1E39 7 KB
3 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=3264512814&adf=202238267&pi=t.aa~a.2277143977~rp.1&w=1180&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1180x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=2&bdt=2472&idt=-M&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100&nras=2&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=2936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vsyOfF2SvA&p=http%3A//trustedsource.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 00:14:25 GMT

GET
H3 200 e896defd9da58cd70544d59688f4a346.js Show response
www.gstatic.com/mysidia/ Frame 1E39 11 KB
5 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4792
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 01:48:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1E39 3 KB
579 B 80ms
80ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:35:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 1E39 1 KB
880 B 65ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:02:50 GMT

GET
H3 200 b85b9965a6c1d8af98ff0fb9e6466ad8.js Show response
www.gstatic.com/mysidia/ Frame 1E39 6 KB
2 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b85b9965a6c1d8af98ff0fb9e6466ad8.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2518
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 00:25:06 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 1E39 19 KB
8 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:03:05 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 1E39 2 KB
1 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:23:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 1E39 15 KB
6 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:17:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E39 119 KB
36 KB 116ms
116ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 1E39 27 KB
11 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 00:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 01 Mar 2022 00:38:41 GMT

GET
H3 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 0569 7 KB
3 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=83862074&adf=701034044&pi=t.aa~a.975067266~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1130x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=1&bdt=2473&idt=1&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100%2C1180x280&nras=3&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=3236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ctrp72ddKu&p=http%3A//trustedsource.us&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 00:14:25 GMT

GET
H3 200 e896defd9da58cd70544d59688f4a346.js Show response
www.gstatic.com/mysidia/ Frame 0569 11 KB
5 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4792
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 01:48:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0569 3 KB
579 B 89ms
89ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 09:39:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 11:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 0569 1 KB
880 B 65ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:02:50 GMT

GET
H3 200 b85b9965a6c1d8af98ff0fb9e6466ad8.js Show response
www.gstatic.com/mysidia/ Frame 0569 6 KB
2 KB 73ms
73ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b85b9965a6c1d8af98ff0fb9e6466ad8.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2518
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 00:25:06 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 0569 19 KB
8 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:03:05 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 0569 2 KB
1 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:23:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 0569 15 KB
6 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 11:17:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0569 119 KB
36 KB 157ms
157ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 11:26:56 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 0569 27 KB
11 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 00:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 01 Mar 2022 00:38:41 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4899044147866820767/ Frame 1E39 27 KB
27 KB 125ms
125ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4899044147866820767/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d236555c7c98ea267fac4b71ff26ed17385edda6e504202d57b2cec5fc275488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28094
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 20:49:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Dec 2022 11:26:57 GMT

GET
DATA 200
OK truncated
/ Frame 1E39 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1E39 0
0 90ms
90ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C10oeAKKsYcqADsWUyQP1mqPADvD-5O1m0PvppvsO29keEAEgmJeOZmDJhoCA3KPEEKAB7tDZywPIAQmoAwHIA8sEqgTxAU_Qtma1hIyfO7n9lnvhyU6WXeCBiiU7YcgVG2noO99BqBDzEC1VxVaMZZtj-YUCh4uQgmbQLU5rK4BXQiorVcf67KppszXuWKRk8fSSI8yyILBCgB1iflEDtawj5pQBxCU7JCSlvBIrc-f2nqvTG9nO874P9H_Ybsy2_jfluceDIKEogrhq4kbgURQGFsVNQ_nz-i8wQlImug5hXhpz7kLzEEqT4mdrw7gcQAeE32wwOOa55wezRkBuNesz44nHFBxAPlCZopE8-NbZ5g4cFjcAPcXwAK2ALoURRlzZ9ftjByXRi_8PgTeFe0rdPKGDh8_ABOjJ6bfeA5IFBAgEGAGSBQQIBRgEoAYugAf6rqY0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQk8S-BdIIBwiAYRABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTUyOTk0OTk5NDA1MDA2MDQYAA&sigh=YTLZhvyRA-o&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=3264512814&adf=202238267&pi=t.aa~a.2277143977~rp.1&w=1180&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1180x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=2&bdt=2472&idt=-M&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100&nras=2&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=210&ady=2936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vsyOfF2SvA&p=http%3A//trustedsource.us&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Dec 2021 11:26:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET tg://resolve?domain=infowarsnew
tg://resolve?domain=infowarsnew Frame 1B39 0
0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15789561449150808950/ Frame 0569 40 KB
40 KB 65ms
65ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15789561449150808950/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf49cf9816f235983d802426131c1b98f1ad80b2d86e0dd52fc061bc1787d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 19:34:50 GMT
x-content-type-options: nosniff
age: 316326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40955
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 17:00:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 19:34:50 GMT

GET
DATA 200
OK truncated
/ Frame 0569 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0569 0
0 90ms
90ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgH2rAKKsYeDEDtKdowbH6aNg--zBg2bih7eBhw6BgPS-wgEQASCYl45mYMmGgIDco8QQoAGy4r2jAcgBCagDAcgDywSqBIUCT9Du-MF_VfpK0OFECbX43hYJb6pm7H9b4qcdHWeUbNpMA92ZfzMy4Cnzt3orrORqVKKoJsMgbtwvOiNCeW_CeyJ4HwWmesn9HOqnLOKq0lW08lNyxxLWYVnqIeKzJdCNk089uzlLL3P_mBTwpBU8EBOJ7IfiC7u8TIEgAgAVyTLhz87X6GHcPv9qEEm23leCUVZSYB9MQFkQGXZRjd3nJDdPj0zADX--ruZz8OYocxokn4lXo3tfmuzrxyThNDzJ6dN9RICC76SgB86og0bSynnm3-3EnOPDf9FuaD9dXyY8OZFWlLFKQVbIDD03BJN7xTMOrH-ZfUDIJ6xc99Eu_Z4J7c4ewATw18yf8wOSBQQIBBgBkgUECAUYBKAGLoAHtp3C3AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRCQndID0ggHCIBhEAEYH4AKAcgLAbgTiCfYEw2IFAbQFQGAFwGyFxwKGggAEhRwdWItNTI5OTQ5OTk0MDUwMDYwNBgA&sigh=jy-bTXJ2Lr8&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5299499940500604&output=html&h=280&adk=83862074&adf=701034044&pi=t.aa~a.975067266~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1638497895&rafmt=1&to=qs&pwprc=4627966428&psa=1&format=1130x280&url=http%3A%2F%2Ftrustedsource.us%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1638703616161&bpp=1&bdt=2473&idt=1&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a02165603751601-22bdfbd980ce007a%3AT%3D1638703615%3ART%3D1638703615%3AS%3DALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ&prev_fmts=0x0%2C320x100%2C1180x280&nras=3&correlator=3844171193240&frm=20&pv=1&ga_vid=111019057.1638703614&ga_sid=1638703615&ga_hid=1742683163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=3236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C21066433%2C31062423&oid=2&psts=AGkb-H9jncDulSyn7iplnfZLeLwV2k6Uon4SLJd7w1LNA8Wrh4N6QoFQ1AfvsU3YzrikZf1ZxEH6ggc&pvsid=136468677810335&pem=959&tmod=1068057272&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ctrp72ddKu&p=http%3A//trustedsource.us&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Dec 2021 11:26:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1E39 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56b2c1a0656ba389f578d007b323507efcf0aedd6557f6f4c49a3d040c0834a6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0569 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35584f3f2bc431e4aa8f1a0a77aad55bd8dd745108ab87c44d9d3f188c0e02a2

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E39 0
20 B 82ms
81ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCgoIASoGYmFubmVyCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNECshAAAAAACAU0AwBAoNEAMhAAAAzMxch0AwBAoNEAohAAAAAJiZ2T8wBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDExODB4MjgwMAQKDhAZKggxMTgweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAzM2OHQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAABUQDAECg0QBSEAAACZmWWHQDAECg0QECEAAAAAwJTeQDAECg0QESEAAAAAAEbRQDAECg0QEiEAAAAAAAAcQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAALiIQDAEEhpDTXFBd05mR3pQUUNGVVZLY2dvZGRjMEk2QSIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0569 21 KB
21 KB 65ms
65ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:47:38 GMT
x-content-type-options: nosniff
age: 477559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 22:47:38 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0569 21 KB
21 KB 76ms
75ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 19:36:12 GMT
x-content-type-options: nosniff
age: 143445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 19:36:12 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1E39 21 KB
21 KB 82ms
82ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:47:38 GMT
x-content-type-options: nosniff
age: 477559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 22:47:38 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1E39 21 KB
21 KB 103ms
103ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 19:36:12 GMT
x-content-type-options: nosniff
age: 143445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 19:36:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 154ms
84ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5c5d4f2fa103002a99534e916dbd96dcdb63be211e48390a8a77c73019c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Dec 2021 11:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8639
x-xss-protection: 0

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0053 35 KB
13 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:20:12 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0569 0
20 B 81ms
81ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCgoIASoGYmFubmVyCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNECshAAAAAAAAN0AwBAoNEAMhAAAAzcz8h0AwBAoNEAohAAAAAKCZyT8wBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDExMzB4MjgwMAQKDhAZKggxMTMweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAADNzACIQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA5QDAECg0QBSEAAABmZgKIQDAECg0QECEAAAAAwB_fQDAECg0QESEAAAAAgBvNQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAACZmT2JQDAECg0QFCEAAAAAQDLtQDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAAABSLQDAEEhpDT0RFd05mR3pQUUNGZExPeUFvZHhfUUlEQSIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A7B 35 KB
13 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:20:12 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E39 0
20 B 81ms
81ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCgoIASoGYmFubmVyCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNEBQhAAAAACAQ50AwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAzMzAi0AwBBIaQ01xQXdOZkd6UFFDRlVWS2Nnb2RkYzBJNkEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
81ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 11:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 05 Dec 2021 11:26:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9307 13 KB
5 KB 65ms
64ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 03 Dec 2021 04:41:49 GMT
expires: Sat, 03 Dec 2022 04:41:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 197108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BD5 783 B
534 B 156ms
82ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35989a315930d5ff481e0425fcc3ad3cc648f4468a7fcc276fc5ea467dc00d86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T+Xs0v9ADuQOmIUaM0Zjwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 05 Dec 2021 11:26:57 GMT
date: Sun, 05 Dec 2021 11:26:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-T+Xs0v9ADuQOmIUaM0Zjwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9307 35 KB
13 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:20:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7BD5 0
0 97ms
97ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=136468677810335&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D3A2 42 B
64 B 83ms
83ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqtNVOZ50oIUwRIMMHD6hT4zfIKFX17x8mB-6I2fLpEX6KMOaddGFy7veI4zjFr5zSGCwt-Mw8eI4rNVDygnVup8MhPCSP8r9kByuMRM0I-afn4Rk&sai=AMfl-YQz5YZQGJ4XUqjkWLGmqdw5X0tSH9YNWAjohhgpcCUo-XEt86v7xLeizQCcIsI4IReqoARYQA8U7h_3&sig=Cg0ArKJSzCPf07NVZsHrEAE&id=lidar2&mcvt=1001&p=0,0,100,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=104031582&rs=2&la=0&cr=0&vs=4&r=v&rst=1638703614871&rpt=1655&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 9307 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 84ms
83ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=136468677810335&bg=!NzSlNHDNAAaQHwIOkB87ACkAdvg8WhcsAor1HbeIIoK-UlS-DDeiGhPA8hiPP2MkzTRDWIxlqAvgsQIAAABkUgAAAAtoAQcKAJptOSUwlJ5a00at2J1958lIgJmQiVXRC3tcEzo9UF-4PGmzTjeaMW2i3dur3UViifBmPe9hEmRjnIbCCsT45Ymgb7UOvxN5ioMkhV_ftLdW4c8NiKt6TiEa0i0w192awxuJ815a28vlh6CIZa0Tuy7oHWCs1MkL6u3chPOPJMSx3FhTIJdL-cfWUr9KKpuRPivrVHUf3mAg5c6DmQLU5ayj-tpPdAxn2L6alS0mlnKOmoX0TtSXULapg53PNq-Dk20C_JnI_8orCs4n16qfTopvGlnC1LQuR3VgXSCnXp73uob7dmL7Kn4mC9xScGopSf1iz4qHveKHGifiUFBf6HGlY9NnrJH_qMRFcGfzqOlqoERdGxSR_Zo6VkpU4h8GyoYU3RpRhl0N1uDRs9sdd6TTs7byfEqd8qtXi8Vvet2_KSnBZI7STriDCtwhcY40jaKcy-u8Lsd_V5Mtwq196oOm8aHVHYeXxLPHssE37BvsbSKFhu0jOu0N5ujtahfIG6GFrQC6TCD4MwmWIOQRk-aeQx3JkZkmHiXXSN8C89rZRVFGwnY9R_pBFl5pHjrPmBQQWciqH6s66atyDaUSKrnxUT6RdHTaXUYzolsq7oUHDTuBTJ11rDGc2hCsAFDpKbyW7JJnkFrA2y3wXrkBne9cy7L4y8Zl6SkrlC5JpC4d7q55iFZ5vqThsm9gwjhujg62hPvMHyFhTQ_ZzBYZ0qPilTaPaZc3dYq4F8oivjgM5Sw2nwFxSoztmRBYmZITmiPvvUf_Qs8bSaRRRDvPL7z62lIVUwK96o3dfUoAle0uEGPyI5NL_zhNPYEZ0dK1W42BjKiA8EClExJ0Ms3RvNECw_jCoM_Ul7gWS-9QiRMorulZ74wddMQRxkBBPo4JwqWi_H9BaOVuaspp16zJ3SHkiViogDn5MRRaZj-lL0XH8T0h9DFCCeWt2p2oY8JwaTCxMFFj9va3Sc68l029rC2Njbok32ibl3INxkfBpw6wKJQGvCjJ4MHYHtaPjLENxskSaVTU02ROndhQffAH5dbb4iMl8uRTFNfQH1ja3UjO0LXPxXt-8MhRz22m948xKk5FQWvwhoNUdnclfVkh_lUYVtBRg1lqPfcVR2KLP4bV695B7-nEWQpRml6O5C_axVD0Op1P3sYh47ErkLk8LqgqSA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://trustedsource.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49A0 42 B
64 B 83ms
83ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtHTelhwWEU21IGy5qSOBQQ-8_pfxDyrQqvKOuq6wPiUdYUuoAPzjFYyCIlZ3K_8uz1HhGBXt2AqLDhUAGxM3ChIsI078iHEdefwTDpjgwVuKPYIk&sai=AMfl-YRsnB4Xhv7RP62S2eKGY-L91ugIlWn34lmpx9w_Orc4XkH0_kiJTt_wesbZYm0Rd5w2cTsl5K0Uiq77&sig=Cg0ArKJSzBe2ECfW-qYfEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=164,792,1000,1026,1026&tos=164,628,208,26,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1638703616267&rpt=368&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 11:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: resolve
URL: tg://resolve?domain=infowarsnew

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?Wx7--A

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trustedsource.us/	1970-01-20 16:42:55	Name: _ga_HC2W1XST71 Value: GS1.1.1638703614.1.0.1638703614.0
.trustedsource.us/	1970-01-20 16:42:55	Name: _ga Value: GA1.1.111019057.1638703614
.trustedsource.us/	1970-01-20 08:33:19	Name: __gads Value: ID=5a02165603751601-22bdfbd980ce007a:T=1638703615:RT=1638703615:S=ALNI_Ma1EVpngs4D-6zLvY-bUgQpUHV7lQ
.doubleclick.net/	1970-01-20 16:42:55	Name: IDE Value: AHWqTUlwZKUHIk3a3I8OL38d9yYWqX2I52QrczxJSmxMJNxvOKEYak-Ji24UemQgnIQ
.doubleclick.net/	1970-01-19 23:11:47	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
resolve
telegram.org
tpc.googlesyndication.com
trustedsource.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
resolve
tpc.googlesyndication.com
142.250.65.194
162.144.7.229
2001:67c:4e8:1033:5:100:0:a
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2003
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032943dd592de82e65d27f795895597074180f5e0c976f61554d5b02628cf077
06bde64115c0bf235f205c12e6a6703295d50805cd601176d46c933baa7cf378
0e7b8244ae1de888553871f9fcb220d1119da5bac453ed7f31415bc4ea151ea5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11df080d7b88d6489f1c2bd22df89648ac5b99fc11e78a1268a6a3674cdb3f8f
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
14f84067c4fcd3b1849424e7452aef05467efc71e56a37c485f322e27749a6f6
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a
267e5fb978fa691c1b12174c588280dd4e69df0123957736d771b9f1dcd13f76
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
35584f3f2bc431e4aa8f1a0a77aad55bd8dd745108ab87c44d9d3f188c0e02a2
35989a315930d5ff481e0425fcc3ad3cc648f4468a7fcc276fc5ea467dc00d86
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a70d4f27e5fd6c8f262ed7531bf2f8e9207b467d0f0c919f16248fe923e7e80
3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d
45948729794179a8417c17af7bac47cfb614cf777af730da3a9a670ea4bcf768
4b995443be8220c690e773e586ec77eedf9d45230752feb939af744cb4e76f6f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b2c1a0656ba389f578d007b323507efcf0aedd6557f6f4c49a3d040c0834a6
59a01b398256f0ec52dc2114d08253afb5e95de5b30e1c42ebe0a6231ec7b1cb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37
67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9
6bbc194b7b471c236c4cd6d1077e56bba2ef4a8cb1820713bec002bc267cde48
6d37456d51f978e5156c6dc58c77f71f7b40e11675ecced620bd6a60b2421e93
70a2f037310f330957844c65cb91137fb13cf3ace3e62a98c26ab42c90955a38
710a4c7deb110e2ffacd99dd456ef79a4a84fa9d9646cb049361e1c589194b4b
7135f3fc8d8803f4b761a7646816a860af71831332a51a80ae3d457c7b60b8f5
763c9261be2913e2be6ee932e75c9b725c74e723ef14d44f0fbc650c99c4ac38
76f187f2855bb00305cd5cbcaa30a4404d0c32c9d62d3b287824cf586409855e
773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8418ecf07079bd3d838ba5826b6c8cd60be4bff5d35cd1f5e18a2c5bdfcef9e9
85ae6beb34e0e906fe1b88ee87ca6a7ab72f53b748ddf00e61f684a5bb1c156f
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8835247d09615ecd7685b6e3cd9782440a16bb9cf746ccc8a9cdeb3c16134429
8980be134f83d21785afcf8f206c753e7dbdb6359cc236e336609eb28f0115e0
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d526a614dd31fabed89c605d7ddcb6adb1a9e2e45f3644ecbaabacf892bf038
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92ef5c6553604c717711b616515fd5584392ce2d136af1a387f05665e120204e
955b263d6c91c12cebcf6da0fa4834f01d2e2d3e7ba3e109e567681de5470c5e
96a0c9459e4d05a425f87cdf718cf9fd17b57139624c95492a44f02d51ee0ee5
9795d0f3689b36fa96964ba6571e7dd749cf0d4ea3e33da5acdb07f11a0e6d25
9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ade5d2cc2192a962c86f884df8d637800740bc438007d6120ccc97203f7e04
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aff3ddf1a0e8e72e6121bf768e3a4427e2de852241addc2379d6211151a2a105
affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
ba5c5d4f2fa103002a99534e916dbd96dcdb63be211e48390a8a77c73019c5c5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0a4d9b217e50e765c6b577563f38c90d3da20d9ee12216975c9a57468fda353
d236555c7c98ea267fac4b71ff26ed17385edda6e504202d57b2cec5fc275488
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9d4f0fd14d09c65f56685effc78115b0845ba8e625ed9d714990f75147c8f02
dcf49cf9816f235983d802426131c1b98f1ad80b2d86e0dd52fc061bc1787d99
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0e72a3e680be2687dce309822c98d6bdb5502ef59baa90f744889ea53d81a7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a2b7b5ed14b466f41c272f268e0f6fa9f38c34d0ca6a5748accf006b313258
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
eb96188e6f5d6482fd35fc5d6e360bd7f5c0d11f5139f1c827bddcee6bb51e15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11710fd96374adb4475cfc1bc9ae14c333145c64c810d9dc29e7b31fbe2beb1
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f505721ee18395f6daf5e931b0a05dffe424af64b9d1ad3688952c1c5136b221
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

trustedsource.us Open in urlscan Pro 162.144.7.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

137 Requests

93 %HTTPS

86 %IPv6

12 Domains

15 Subdomains

15 IPs

2 Countries

4220 kBTransfer

6369 kBSize

5 Cookies

2 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trustedsource.us Open in urlscan Pro
162.144.7.229 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

93 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

4220 kB
Transfer

6369 kB
Size

5
Cookies

137 HTTP transactions
8 data transactions