urlscan.io logo urlscan.io
SecurityTrails logo

rustygriswold.ca Open in urlscan Pro
104.18.153.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://rustygriswold.ca/
Submission Tags: phishingrod
Submission: On February 14 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 60 HTTP transactions. The main IP is 104.18.153.16, located in and belongs to CLOUDFLARENET, US. The main domain is rustygriswold.ca.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time rustygriswold.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.18.153.16 13335 (CLOUDFLAR...)
1 142.251.167.97 15169 (GOOGLE)
11 172.253.63.155 15169 (GOOGLE)
1 216.239.38.181 15169 (GOOGLE)
1 142.250.31.155 15169 (GOOGLE)
1 142.250.31.94 15169 (GOOGLE)
1 6 142.251.16.157 15169 (GOOGLE)
13 172.253.63.113 15169 (GOOGLE)
8 172.253.122.132 15169 (GOOGLE)
1 2 172.253.63.147 15169 (GOOGLE)
2 142.251.163.155 15169 (GOOGLE)
60 12
16    104.18.153.16 (None, )

ASN13335 (CLOUDFLARENET, US)
rustygriswold.ca
1    142.251.167.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f97.1e100.net
www.googletagmanager.com
11    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
pagead2.googlesyndication.com
1    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.250.31.155 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.31.94 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.google.ca
6    142.251.16.157 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
googleads.g.doubleclick.net
13    172.253.63.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f113.1e100.net
fundingchoicesmessages.google.com
8    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com
2    172.253.63.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f147.1e100.net
www.google.com
2    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
482 KB
16 google.com
analytics.google.com — Cisco Umbrella Rank: 177
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659
www.google.com — Cisco Umbrella Rank: 2
74 KB
16 rustygriswold.ca
rustygriswold.ca
371 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
53 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 141
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8927
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
93 KB
60 7
Domain Requested by
16 rustygriswold.ca rustygriswold.ca
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 pagead2.googlesyndication.com rustygriswold.ca
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.googleadservices.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 www.google.ca rustygriswold.ca
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com rustygriswold.ca
60 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
rustygriswold.ca
GTS CA 1P5		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://rustygriswold.ca/
Frame ID: 090EC86FD4C87FD867FD1A6E3D5F2510
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html
Frame ID: F18A9965817600272C048B72569A67CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1707589931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~16~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707939578162&bpp=6&bdt=1382&idt=312&shv=r20240212&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2404932100666&frm=20&pv=2&ga_vid=1525237716.1707939577&ga_sid=1707939579&ga_hid=310106695&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081035%2C31081107%2C31081141%2C44798934%2C95324580%2C95325067%2C31081135%2C95322180%2C95320870%2C95324155%2C95324161%2C95325078&oid=2&pvsid=3342713618359800&tmod=1992038180&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=343
Frame ID: C8E51C93BE2B7F7F1743A044E65AA61D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 04F6DCCD79587FD0F3E54CE915C5EB37
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9D2AC253CB7DBED56822C43CEDDB623
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF5606A4D5205B5F8E9C99B25336A81F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1660EE5F83AB1F5886F154B4C0499AC8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: 53B47CB6C126DA08D5ABBEE29707B144
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rusty Griswold Light Display – Illuminating your holidays with pixel lights, articles, tools, and recipes.

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

60
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

12
IPs

2
Countries

1073 kB
Transfer

13470 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CCTRZ-hbNZeH7IpDOo9kP6JKlmAW5ksmOVOy76ZLnEODmtq30FhABIJbk8IoBYP2gmYHoA6ABluuvzQPIAQKpAq2H9Lf6zag-qAMByAPJBKoE3AFP0EYUpUvfZFOCcPK0m1qqD8crJnXTAsg1v_pTXaPTPc7krrBKj9PA95wiCwC5OUyaY61XsWEAzgXL6k5E6e-VYHWpk34_oWAPPDE4RKF0mAP2B8zAmVy6vEUuD3j-IpIotc8CjmjZOoC6nmCe9piXqjplTk7E1VsHQwTDPlW28c5ypFe_3wuGGyVohfCASgwQCsq09RCXWZzafAMJROwGiJT_QbsWwn0WVWIQixfBOETuS6XpH0D8iLLSV8bzL40pZ4BynW8wZfxbHcXILbIT0qIYQCceQOxe9xANwASKu9iJQYgFipL7cZIFBAgEGAGSBQQIBRgEoAYCgAfSlNAyqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQ2vUU0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WNKgg9_Kq4QDmgkdaHR0cHM6Ly93d3cuZGVsaWdodGZvb3RzcGEuY2GACgHICwHaDBAKChDgzdi7r5DX_mcSAgED2BMC0BUBgBcBshccChoIABIUcHViLTU0NTI5MTU0NDYzNTUzODIYAA&sigh=Ji9NlsPukso&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_egWYNF37s-o7aFq6fw2o9zai2xAAUuFHfPYlMQU5t7xXYK66WoCohuQQF_1de0O_9L33poR8-AMpc4LRXBgWbhtND7tTki8NrT0YAQ&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28a984963416f20a0000000000000000%22,%222%22:%220xcc917372d2a377260000000000000000%22,%223%22:%220xc1a758e776c5ed970000000000000000%22,%224%22:%220x82e7f22fc610e5820000000000000000%22,%225%22:%220x201a5fd3c55e3ff60000000000000000%22},%22debug_key%22:%225330579791983464281%22,%22debug_reporting%22:true,%22destination%22:%22https://delightfootspa.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967570838%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228471498011626790465%22}&andc=true

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rustygriswold.ca/ 		155 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
31da668930af787f650484394c91d67b20900bf693c82af75bc9f83a2b95ba72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2738
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
8557c731be63a20e-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 19:39:36 GMT
last-modified
Sat, 10 Feb 2024 18:32:11 GMT
server
cloudflare
vary
Accept-Encoding
wpo-cache-status
cached
x-content-type-options
nosniff
x-nginx-cache-status
MISS
x-powered-by
PHP/8.1.18
x-xss-protection
1; mode=block
wpo-minify-header-c06332b3.min.css
rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ 		472 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-header-c06332b3.min.css
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d468726090822cb68a8c3879fbd1acddfec1ebcfeb9e0db97234884c04a18278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 18:29:58 GMT
server
cloudflare
age
2734
vary
Accept-Encoding
content-type
text/css
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c732f8e2a20e-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:54:02 GMT
wpo-minify-header-15f3209e.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ 		203 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-header-15f3209e.min.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e27bbd0196e326686d24579da0b9aeabf8ea0603ff3c84ae6a6b2dc95008d3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 18:29:50 GMT
server
cloudflare
age
3673
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c732f8e7a20e-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:38:23 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
50cae3ae850bbe7f3bc70f73fc4328a8ad5780e8428f3dc11afd8e0a61d677cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94464
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 19:39:37 GMT
wpo-minify-header-45ee05e8.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ 		321 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-header-45ee05e8.min.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbea9d610679963f170f28ab4b98775df5c480b792302e51be494dc8d0d25860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 18:29:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c733abc37119-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:38:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
efaeeb7ba4f43ca1f7820f3c7b7551969d42123584943a6b749bd85d3609bb7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
Origin
https://rustygriswold.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52089
x-xss-protection
0
server
cafe
etag
13182779006232192084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 14 Feb 2024 19:39:38 GMT
TransparentLogo.png
rustygriswold.ca/wp-content/uploads/2023/01/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo.png
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb4ad65a984323e2099126271672ef91746d429da08f37cf53a44c4764ce06a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3673
cf-polished
origFmt=png, origSize=44769
x-nginx-cache-status
MISS
content-disposition
inline; filename="TransparentLogo.webp"
alt-svc
h3=":443"; ma=86400
content-length
37732
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Feb 2023 16:37:50 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8557c732f8e6a20e-YYZ
expires
Sun, 14 Apr 2024 18:38:23 GMT
wpo-minify-footer-36505ce7.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ 		263 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-footer-36505ce7.min.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a9165ca527ff75cbecc812e4f0fe82774c84325295a173eb40547778ac09ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 18:29:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c733abc97119-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:38:23 GMT
wpo-minify-footer-f2681918.min.js
rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-footer-f2681918.min.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0f803759f3c08a5fdcbd8a15addc355796008b3a42edb2c327ad90fb5d9ef0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 18:29:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c733abcc7119-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:38:23 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
TransparentLogo-Copy-1-1024x318.png
rustygriswold.ca/wp-content/uploads/2023/01/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo-Copy-1-1024x318.png
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-nginx-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
33460
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 17:16:49 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8557c733ec4f7119-YYZ
expires
Sun, 14 Apr 2024 19:39:37 GMT
RustyVidtoGif.mp4
rustygriswold.ca/wp-content/uploads/2023/12/ 		10 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/12/RustyVidtoGif.mp4
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rustygriswold.ca/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 14 Feb 2024 19:39:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:34:51 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache-status
MISS
content-type
video/mp4
Content-Range
bytes 0-14098663/14098664
cf-ray
8557c733ec577119-YYZ
alt-svc
h3=":443"; ma=86400
Content-Length
14098664
x-xss-protection
1; mode=block
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
142.1345ea6b13b00771d513.js
rustygriswold.ca/wp-content/themes/blocksy/static/bundle/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-footer-36505ce7.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8675a06a1093ba0769100e8375d07b9c47dd85cdd31f8c5fe656d53f70316e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 18:29:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c734be137119-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:38:23 GMT
chch-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/01/chch-150x150.png
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-nginx-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
5638
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 16:38:13 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8557c734ee5a7119-YYZ
expires
Sun, 14 Apr 2024 19:39:37 GMT
output-onlinejpgtools-2-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/01/output-onlinejpgtools-2-150x150.png
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-nginx-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
8100
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 16:38:43 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8557c734ee607119-YYZ
expires
Sun, 14 Apr 2024 19:39:37 GMT
ctvtoronto-300x169.png
rustygriswold.ca/wp-content/uploads/2023/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/01/ctvtoronto-300x169.png
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-nginx-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
9040
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 16:38:20 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8557c734ee637119-YYZ
expires
Sun, 14 Apr 2024 19:39:37 GMT
BurlingtonToday.com-Logo.jpg
rustygriswold.ca/wp-content/uploads/2023/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rustygriswold.ca/wp-content/uploads/2023/01/BurlingtonToday.com-Logo.jpg
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-nginx-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
7054
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 16:38:34 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8557c734ee667119-YYZ
expires
Sun, 14 Apr 2024 19:39:37 GMT
text-editor.2c35aafbe5bf0e127950.bundle.min.js
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ 		1 KB
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-footer-36505ce7.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497207545e4aaa14add0c59adb6fc64a61a3375a525c9eb96527dd326a6d62aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 18:31:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c7351ed27119-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:38:23 GMT
video.fea4f8dfdf17262f23e8.bundle.min.js
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rustygriswold.ca/wp-content/plugins/elementor/assets/js/video.fea4f8dfdf17262f23e8.bundle.min.js
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1707416990/assets/wpo-minify-footer-36505ce7.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd6b08ca4ab8f8edc5d0a8995df2b62795048b31809efa131a85d73a3801321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 18:31:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-nginx-cache-status
MISS
cache-control
max-age=2592000
cf-ray
8557c7351ed47119-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2024 18:54:16 GMT
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7TKVW5VVYW&gtm=45je42c0v873983712za200&_p=1707939576880&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=1525237716.1707939577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707939577&sct=1&seg=0&dl=https%3A%2F%2Frustygriswold.ca%2F&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=989
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 19:39:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rustygriswold.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7TKVW5VVYW&cid=1525237716.1707939577&gtm=45je42c0v873983712za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 19:39:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rustygriswold.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKVW5VVYW&cid=1525237716.1707939577&gtm=45je42c0v873983712za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=810978066
Requested by
Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 19:39:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
303efc9d7500b36a55af45e4823729f358f2482445036c56b0cb295ee4f6384f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141053
x-xss-protection
0
server
cafe
etag
11419340790412264445
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 19:39:38 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/ Frame F18A 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
51545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 05:20:33 GMT
etag
3890843268177463596
expires
Wed, 28 Feb 2024 05:20:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C8E5 		134 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1707589931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~16~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707939578162&bpp=6&bdt=1382&idt=312&shv=r20240212&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2404932100666&frm=20&pv=2&ga_vid=1525237716.1707939577&ga_sid=1707939579&ga_hid=310106695&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081035%2C31081107%2C31081141%2C44798934%2C95324580%2C95325067%2C31081135%2C95322180%2C95320870%2C95324155%2C95324161%2C95325078&oid=2&pvsid=3342713618359800&tmod=1992038180&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=343
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
594450ad1fa2b042976a3a4505e00926d5130cbce6122e33776fa3a15ec2d925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44633
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 19:39:39 GMT
expires
Wed, 14 Feb 2024 19:39:39 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
37298501a40517c37a2051b35f80acf6396a1c900a84d0076658e566cc16775b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12297
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/reactive_library_fy2021.js?bust=31081135
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
cd2ba52d6a69a91ed5c31a1d3e772fc29b802959066d34d40f6cadf1c71cf924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57038
x-xss-protection
0
server
cafe
etag
3668201292974861480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 19:39:39 GMT
ca-pub-5452915446355382
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5452915446355382?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
0d3d5dbea6d737f16120edf8964a395afb13f842a56824dd74dcd80d5fbdf403
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AM1EdJ9lELQrSlnqDj2l5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-AM1EdJ9lELQrSlnqDj2l5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsOoxSXF4KshxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejt9rt6xjE1ixf-cZRgC6C0--"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 19:39:39 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame 04F6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
56229
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 04:02:30 GMT
etag
3890843268177463596
expires
Wed, 28 Feb 2024 04:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXkNQckoJtxBZ9lUvjb4WkeyHVaAyPhVZY0ek4yWSz71lZiHlBBE2Sz1j0jvya7rpb8phTu3KpWqCJgSGDvfR8R6HG1wKkwSRAkWasV4MCQ5qeofHei9_NfysYjvLNobRoY5A9N4w==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXkNQckoJtxBZ9lUvjb4WkeyHVaAyPhVZY0ek4yWSz71lZiHlBBE2Sz1j0jvya7rpb8phTu3KpWqCJgSGDvfR8R6HG1wKkwSRAkWasV4MCQ5qeofHei9_NfysYjvLNobRoY5A9N4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3OTM5NTc5LDU2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
12c9c9e4d1859f24294c39641290bd6e72c29798d3f9015c1c223e5e7d08379f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z5tnaoHUMurhcrMJZeUXig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z5tnaoHUMurhcrMJZeUXig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O32u3rGMTWLH-yjImADXASpI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9D2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
28508
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 11:44:31 GMT
expires
Thu, 13 Feb 2025 11:44:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EF56 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
21c2520c2ebee220cc82ad04fdd8ece4595830c58b7d9843b6b36762caf39e5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4a5XtUmxcFRKj_4IH45wRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rustygriswold.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4a5XtUmxcFRKj_4IH45wRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 19:39:39 GMT
expires
Wed, 14 Feb 2024 19:39:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 04F6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
72826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1660 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2084
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 19:04:55 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 04F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
72826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 04F6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 01:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
66197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Feb 2024 01:16:22 GMT
17897720544100133849
tpc.googlesyndication.com/simgad/ Frame 04F6 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17897720544100133849
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
69311ab2d89a9b8df1d52beb3e99b436cc9f54019f21ddf983babf271f00bbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Wed, 14 Feb 2024 19:39:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35076
x-xss-protection
0
last-modified
Mon, 23 Dec 2019 02:10:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Feb 2025 19:39:39 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 04F6 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-2
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 20:38:04 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 04F6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14610
x-xss-protection
0
server
cafe
etag
17234995959194474601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:26:07 GMT
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame A9D2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:04:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 19:04:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1660
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 19:39:39 GMT
expires
Wed, 14 Feb 2024 19:39:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 19:39:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 04F6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69fc5e4973bc1c1df90643f8a8ac051a3b3e9021e09343112dd11795fd329cd8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 04F6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CCTRZ-hbNZeH7IpDOo9kP6JKlmAW5ksmOVOy76ZLnEODmtq30FhABIJbk8IoBYP2gmYHoA6ABluuvzQPIAQKpAq2H9Lf6zag-qAMByAPJBKoE3AFP0EYUpUvfZFOCcPK0m1qqD8crJnXTAsg...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28a984963416f20a0000000000000000%22,%222%22:%220xcc917372d2a377260000000000000000%22,%223%22:%220xc1a758...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28a984963416f20a0000000000000000%22,%222%22:%220xcc917372d2a377260000000000000000%22,%223%22:%220xc1a758e776c5ed970000000000000000%22,%224%22:%220x82e7f22fc610e5820000000000000000%22,%225%22:%220x201a5fd3c55e3ff60000000000000000%22},%22debug_key%22:%225330579791983464281%22,%22debug_reporting%22:true,%22destination%22:%22https://delightfootspa.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967570838%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228471498011626790465%22}&andc=true
Protocol
H3
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x28a984963416f20a0000000000000000","2":"0xcc917372d2a377260000000000000000","3":"0xc1a758e776c5ed970000000000000000","4":"0x82e7f22fc610e5820000000000000000","5":"0x201a5fd3c55e3ff60000000000000000"},"debug_key":"5330579791983464281","debug_reporting":true,"destination":"https://delightfootspa.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["967570838"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"8471498011626790465"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Feb 2024 19:39:40 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 14 Feb 2024 19:39:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x28a984963416f20a0000000000000000","2":"0xcc917372d2a377260000000000000000","3":"0xc1a758e776c5ed970000000000000000","4":"0x82e7f22fc610e5820000000000000000","5":"0x201a5fd3c55e3ff60000000000000000"},"debug_key":"5330579791983464281","debug_reporting":true,"destination":"https://delightfootspa.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["967570838"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"8471498011626790465"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame EF56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240212&jk=3342713618359800&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
pagead2.googlesyndication.com/bg/ Frame 53B4 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 17:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
93506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19987
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 17:41:13 GMT
generate_204
tpc.googlesyndication.com/ Frame A9D2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Sw20Ag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28a984963416f20a0000000000000000%22,%222%22:%220xcc917372d2a377260000000000000000%22,%223%22:%220xc1a758e776c5ed970000000000000000%22,%224%22:%220x82e7f22fc610e5820000000000000000%22,%225%22:%220x201a5fd3c55e3ff60000000000000000%22},%22debug_key%22:%225330579791983464281%22,%22debug_reporting%22:true,%22destination%22:%22https://delightfootspa.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967570838%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228471498011626790465%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 19:39:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
banner_skyscraper.
fundingchoicesmessages.google.com/f/AGSKWxXSc7glMs4dfriycHn-AUsLpP7KG-YGCP0oytVGnWwVNrV5vGL69_saq7gsVlxTHUpy5zO3WJyO77VB0HZyHXfh3B0XxGQMleutAvbmcv4hcf5QnrkhK5iGdruomey284o8JbBJXzWp_vMiabEAhryfq6AZY... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXSc7glMs4dfriycHn-AUsLpP7KG-YGCP0oytVGnWwVNrV5vGL69_saq7gsVlxTHUpy5zO3WJyO77VB0HZyHXfh3B0XxGQMleutAvbmcv4hcf5QnrkhK5iGdruomey284o8JbBJXzWp_vMiabEAhryfq6AZY77IjuARv9zmmjpTYa5fyBs0dUgHArJN/_/ad/top2./bigboxad./ad.min./kitad./banner_skyscraper.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e6467c281169a441f394dfda90beee6c7ad1afca3721ed7b13f2e255fac84216
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rJ9yh5nypWEpjY5P457taA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-rJ9yh5nypWEpjY5P457taA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OP2u3rGMT-NFxaCsjADleSrw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
5b72585a41bf7da4db40c14a5b8405d32391c20125f04377009208313972d3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51077
x-xss-protection
0
server
cafe
etag
8637539050172799680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 14 Feb 2024 19:39:40 GMT
AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XUNZO5-TrbtCLoBaApBYRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-XUNZO5-TrbtCLoBaApBYRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZvAgu6ljxgBBcsYrA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rustygriswold.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s9Ux8gTb2k614IxOpqcaLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s9Ux8gTb2k614IxOpqcaLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZvAj0snHzECAAiPGW0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rustygriswold.ca
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZKWlHmfjUcZZvtvTVleo2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZKWlHmfjUcZZvtvTVleo2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZvAi8ufnzMCAAfTGYk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rustygriswold.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9JnEOLuMZnB2G2KqaXX27w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9JnEOLuMZnB2G2KqaXX27w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZvAgdUvnzMCAATZGSk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rustygriswold.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX6nVDTPaA6G8duoNZ_pgwx1AC8R8sbYol2HDG7zso_t4a-x49DceQ9Ku8eeysy468EFmHK7BaLnR89NARk2mCE3Ts2KomVdJ6sUF0llQ13BIEa6ew_7TSqNfe-bBuhYanvsxQ49Q==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX6nVDTPaA6G8duoNZ_pgwx1AC8R8sbYol2HDG7zso_t4a-x49DceQ9Ku8eeysy468EFmHK7BaLnR89NARk2mCE3Ts2KomVdJ6sUF0llQ13BIEa6ew_7TSqNfe-bBuhYanvsxQ49Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3OTM5NTgwLDQ1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
5509ed240c1136c2ece2ad1d631395ceaba6c9f6c8dda9cce560f8e4ecce0dbd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SrIO3J0eZY6OpCYqDEV8ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-SrIO3J0eZY6OpCYqDEV8ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OP2u3rGMT2PDjwhtGAD5iSy8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-F_7PUdRtx6mcK4mhziogKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-F_7PUdRtx6mcK4mhziogKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZvAjON_e5kAAlgY0Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rustygriswold.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUsvXXWvZNjX7pL_0-S-r1KerOAiAmazbZTpn5rTTUwrSpJmumELe8uUbeBOj3WmF3eDT65MTg5_R-x_3Or2nTB1du9BzGVTxBpiPQpPK6UV0a1-xbE3vdj7JNtujOSSs6B599TRQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUsvXXWvZNjX7pL_0-S-r1KerOAiAmazbZTpn5rTTUwrSpJmumELe8uUbeBOj3WmF3eDT65MTg5_R-x_3Or2nTB1du9BzGVTxBpiPQpPK6UV0a1-xbE3vdj7JNtujOSSs6B599TRQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3OTM5NTgwLDUzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
035b2f51c29af59094a68c9698c122c6d2b154a1fa556eb03f8a45ff1ae7a743
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RaFKyr6NCBZ0Jj7CHXQUlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RaFKyr6NCBZ0Jj7CHXQUlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OP2u3rGMTuHDjTx8TADuTSvo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240212&jk=3342713618359800&bg=!0NOl05zNAAaxkZ3akZE7ADQBe5WfOCtgJDFe2Pp_YgOhNcx1jONbwSObUQcpYmfckFNNyqWL7kdZhe-0TL6WcGgxn7ajAgAAAMtSAAAAAmgBB5kCsujWoWP6Thln4_JfvChA3iIgqK6MVnwK6xFt-1RyVmEPgc_im45xGioFQyULb-szxcc_fP4xEzrcjheLxdvoYoqvRGzn8OH8mT5uTc5smQltuhqIh8Xq2DmcpJMt4EQHT1cijRVfO4F26GWFLd_jOJaxqp6Mw7DHXX9VaZy3G9H1tXaKs2SO885xPCrQR8K44wf5GpkiqqVzpDM_noBriMIMsP5vtOSjp2GqU7XqTeVu4STyLLXpWTl2So9AmLbOWcIzd4o3UmiRZbRf1hF1WKj61DQ3c2-NUQncBYksLzPZAKBtE6SgN-rkP13EXGm7EaODLLbEyEqU8ezcT8D91U7Sco4w8_pf_dJ0tpdUgU_iUkDJK_yc2MzHe31Rz-wv0eK1eic6DCGhq_KyMlvaglQWKv6gc5fKOmYONLQK-S9hEICjetcKyvQTqiKXOLrZ91SgjBXOp0-wUaixwEFksbEjWLApXo3C7jcpRJHmb6HLlhlAFa0F1QQh0Kgk_zvixQLdPzDL7l-xk3OUC6Obty86-lXnN3eEmN_0wlp-Ho7ndO1Au4FndpZ8WaTk-F3PvDu_cigPs8W14q7mJYXNAqRYQnfgR0a3n3cbhVkx3sfzKhRBi3Pq_6kfsJPu-kN6hVMutkMQxafisfNQ1SWVYFz3JOd6lPINGlXVDXVh2VUXhfxLCTXegLRNrPWlzCgYPawYuZMEwUmrTJTJ0o3csiEcEcZk0Fep3tLN7Oo4pJCuWc1EMDX82Oukb7cX65F77CmFbGJV3wjDgN56AzRTUIbQn26d4YElGQg6nUJBw9ksYfluVXDjj93sLH7MHFMLIMURxjl6bk4RAe777mcndZs7TXw-LsiNGqZwlQpAEwca2zTypx9c7YeMqW2OfkoBDoqXtFjmZa1OIkAYHyKPXk5RhA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
AGSKWxWyjy8w9W8cMNwIwidafdmEioFFSM8I_kPvOyJefdQyL7xEvc6fqaRkz0T1FHO41pWs2SQwd957J6QZj78ggFAdHwN74GJwiJYXSBYaiWdAbfOMQ1CxvuRTzsWLG2QqpGNuLRYx5w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWyjy8w9W8cMNwIwidafdmEioFFSM8I_kPvOyJefdQyL7xEvc6fqaRkz0T1FHO41pWs2SQwd957J6QZj78ggFAdHwN74GJwiJYXSBYaiWdAbfOMQ1CxvuRTzsWLG2QqpGNuLRYx5w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3OTM5NTgwLDYwMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
8d21e89e40d82dd3dc08ef36fbc31de9b46957f1d3c707cc36a5ecf946527773
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yngOwVgchpg7GXO2Y3NaWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rustygriswold.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-yngOwVgchpg7GXO2Y3NaWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXFEKQhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejj9rt6xjE5jQ8GYTEwC8lk-H"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWVWBb_WSysPRkyGorBJiwlVUc1a3LJrOWrDrPDpcmWbrfTcluuh1vOw3d11ZCbWAC5DBYeljG_1ZBVe9RNcGueic7FqnLlX3DLeFZ79THMYJ0seRPwF_JeARxMZT6702flqsncKA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWVWBb_WSysPRkyGorBJiwlVUc1a3LJrOWrDrPDpcmWbrfTcluuh1vOw3d11ZCbWAC5DBYeljG_1ZBVe9RNcGueic7FqnLlX3DLeFZ79THMYJ0seRPwF_JeARxMZT6702flqsncKA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RjWaDWSOIZLnxtpLVxGRuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-RjWaDWSOIZLnxtpLVxGRuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZtAx-umy0wABg8Ywg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rustygriswold.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXapD6pQQdehCXk7Ya7k3OUweTCpvoyEkEEVc6oYT8yO4cAZpSNs3ZcBU6OMVJ9hibW_9DrYW9s9ht595pK-MENKC7gnSJ_U73yhhhHnHhVpHfp35Bj_oC6CDtl2obgWSE8sFKowQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MFTwcuSj2Cc_KgEiRvBLdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rustygriswold.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 19:39:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-MFTwcuSj2Cc_KgEiRvBLdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD8WbtlHZvAitnLLzMBAAPuGK8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rustygriswold.ca
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 04F6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN1BR8xb_CrooYxMNiYVGmvBzV9T6HIFbJKrC3k6L_1hlgqJEPje2o-vB4jLzuPChyfbZLxoy6okt6vi_JRSHuTVJF_PC9C21cMYgDp0y7Pp521LOBBBHkLPNGTZJJYU_naO_YgM_s8P5mn6J9lkSDbRBTyxSHeaE&sai=AMfl-YQ9VRt6DUolbPbdiiKJl-kDzYogQ6JMLLEFTP28IVJ3JfqW379MEiL6CrURtL8a5izlHNEzvuAhYGU0oSlwnXEk2-d-jyyziJOhLMu19aLWe1wgg3B5AzLk5YO-CzhD-9Yn8Kf4suWFmZuLQeh04g&sig=Cg0ArKJSzNK3b5QFh-h3EAE&cid=CAQSTwAvHhf_egWYNF37s-o7aFq6fw2o9zai2xAAUuFHfPYlMQU5t7xXYK66WoCohuQQF_1de0O_9L33poR8-AMpc4LRXBgWbhtND7tTki8NrT0YAQ&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=90,773,1001,1096,1136&tos=90,683,228,95,40&v=20240213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=387237900&rst=1707939579540&rpt=241&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 19:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer function| WPO_Intersection_Observer object| WPO_LazyLoad object| starter_templates_zip_preview object| ct_localizations object| _wpUtilSettings object| wpformsElementorVars function| loadCSS function| Vue undefined| $ function| jQuery object| runtime object| regeneratorRuntime object| wp object| blocksyJsonP object| ctEvents object| blocksyResponsiveMenuCache object| ctFrontend object| webpackChunkelementor object| elementorModules function| Waypoint object| elementorFrontendConfig object| WPFormsElementorFrontend object| elementorFrontend function| _ object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzIxMjY5YTU4ZmM4MjU0NWxvYWRlcl9qcw== string| YzIxMjY5YTU4ZmM4MjU0NWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| cd150034-c814-4eca-80b9-7e194befb5b5 object| google_image_requests

9 Cookies

Domain/Path Name / Value
.rustygriswold.ca/ Name: _ga
Value: GA1.1.1525237716.1707939577
.rustygriswold.ca/ Name: __gads
Value: ID=9101b830fe414696:T=1707939578:RT=1707939578:S=ALNI_Mbp-3App2hvhF-lQH_xceB8pRZugA
.rustygriswold.ca/ Name: __gpi
Value: UID=00000dc9ec5f8eba:T=1707939578:RT=1707939578:S=ALNI_Mal83avacN_1LiwxVmeObuI_OvFgA
.rustygriswold.ca/ Name: __eoi
Value: ID=cf1437c1ba059500:T=1707939578:RT=1707939578:S=AA-Afjbhi1TQOOIoj-m_0BR3_KXo
.rustygriswold.ca/ Name: _ga_7TKVW5VVYW
Value: GS1.1.1707939577.1.0.1707939579.58.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmyVjo7yWxFY5TYgnsbd1jXcDjx5uWject96NMaPeutGzDEWtKVuEsq8FFkhZg
.googleadservices.com/ Name: ar_debug
Value: 1
.rustygriswold.ca/ Name: FCNEC
Value: %5B%5B%22AKsRol_yJXO8jYtatvrpzjIzR7VffUE0rAx_aFz6ez0qHidziT1e7xq16rFdvFZlT7R5e3oqehProJNAnfoFhoftK1DfVwrpRehRtpCYtQ5EXGVcxVpwPG5qu0i6NkTqBt3RDmPu5YOEfaVrh_nlVrF3zgAB4I8vWQ%3D%3D%22%5D%5D

9 Console Messages

Source Level URL
Text
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rustygriswold.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rustygriswold.ca
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.18.153.16
142.250.31.155
142.250.31.94
142.251.16.157
142.251.163.155
142.251.167.97
172.253.122.132
172.253.63.113
172.253.63.147
172.253.63.155
216.239.38.181
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
035b2f51c29af59094a68c9698c122c6d2b154a1fa556eb03f8a45ff1ae7a743
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0d3d5dbea6d737f16120edf8964a395afb13f842a56824dd74dcd80d5fbdf403
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
12c9c9e4d1859f24294c39641290bd6e72c29798d3f9015c1c223e5e7d08379f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f
1cd6b08ca4ab8f8edc5d0a8995df2b62795048b31809efa131a85d73a3801321
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21c2520c2ebee220cc82ad04fdd8ece4595830c58b7d9843b6b36762caf39e5d
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
303efc9d7500b36a55af45e4823729f358f2482445036c56b0cb295ee4f6384f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31da668930af787f650484394c91d67b20900bf693c82af75bc9f83a2b95ba72
37298501a40517c37a2051b35f80acf6396a1c900a84d0076658e566cc16775b
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
497207545e4aaa14add0c59adb6fc64a61a3375a525c9eb96527dd326a6d62aa
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
50cae3ae850bbe7f3bc70f73fc4328a8ad5780e8428f3dc11afd8e0a61d677cf
5509ed240c1136c2ece2ad1d631395ceaba6c9f6c8dda9cce560f8e4ecce0dbd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a9165ca527ff75cbecc812e4f0fe82774c84325295a173eb40547778ac09ce
594450ad1fa2b042976a3a4505e00926d5130cbce6122e33776fa3a15ec2d925
5b72585a41bf7da4db40c14a5b8405d32391c20125f04377009208313972d3b0
5bb4ad65a984323e2099126271672ef91746d429da08f37cf53a44c4764ce06a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
69311ab2d89a9b8df1d52beb3e99b436cc9f54019f21ddf983babf271f00bbea
69fc5e4973bc1c1df90643f8a8ac051a3b3e9021e09343112dd11795fd329cd8
6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
8675a06a1093ba0769100e8375d07b9c47dd85cdd31f8c5fe656d53f70316e6f
8d21e89e40d82dd3dc08ef36fbc31de9b46957f1d3c707cc36a5ecf946527773
94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d
96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f0f803759f3c08a5fdcbd8a15addc355796008b3a42edb2c327ad90fb5d9ef0
b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cbea9d610679963f170f28ab4b98775df5c480b792302e51be494dc8d0d25860
cd2ba52d6a69a91ed5c31a1d3e772fc29b802959066d34d40f6cadf1c71cf924
d468726090822cb68a8c3879fbd1acddfec1ebcfeb9e0db97234884c04a18278
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e27bbd0196e326686d24579da0b9aeabf8ea0603ff3c84ae6a6b2dc95008d3fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6467c281169a441f394dfda90beee6c7ad1afca3721ed7b13f2e255fac84216
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaeeb7ba4f43ca1f7820f3c7b7551969d42123584943a6b749bd85d3609bb7c
fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2