free-calendar.su Open in urlscan Pro
87.236.16.56  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1

Request Chain 91

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUcytNxTCQPMYMW1Lvr3rgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1

Request Chain 92

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESECtrGbBbYb3gZM97zd0W1Sc&google_cver=1

Request Chain 93

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA0NzY0NzUwOTA3MjQ4NjM2

Request Chain 107

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEEk7B-Q53KbDRNAlK5XeF0s&google_cver=1&google_push=AXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEk7B-Q53KbDRNAlK5XeF0s&google_cver=1&google_push=AXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 108

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJuI1E_hVOiJpI-R2S_eSUs&google_cver=1&google_push=AXcoOmT_evIvt8YVypTLJkLuf0go7R1XEvIgoBM6k9mbXXHjT7N3JltzI4SllDJNB-iP_8auRziZPDCNOm87DjJTWBrZSPMkrlRQXU0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT_evIvt8YVypTLJkLuf0go7R1XEvIgoBM6k9mbXXHjT7N3JltzI4SllDJNB-iP_8auRziZPDCNOm87DjJTWBrZSPMkrlRQXU0

Request Chain 109

• https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOlExhtszLCtP6ylm546Nqs&google_cver=1&google_push=AXcoOmS17BULfVhbxjsTaMl-obb_oYQo23LZnyL0x51KL9Ll9FfPOd2CjWnFMhf2k2hW2UUG9C7AOKOM8TjV536Hzb7mfkyOnDDPIKE HTTP 302
• https://match.adsrvr.org/track/cmb/google?google_gid=CAESEOlExhtszLCtP6ylm546Nqs&google_cver=1&google_push=AXcoOmS17BULfVhbxjsTaMl-obb_oYQo23LZnyL0x51KL9Ll9FfPOd2CjWnFMhf2k2hW2UUG9C7AOKOM8TjV536Hzb7mfkyOnDDPIKE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWFhYzZhODMtZGM4OC00ZWY5LWFhNmEtYzY1MDhjMTMwZDk2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1aac6a83-dc88-4ef9-aa6a-c6508c130d96

Request Chain 110

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENqVCLqTZVFKWAdVZpwKx6U&google_cver=1&google_push=AXcoOmTFlwo5OVFLHKg2UPvJtPuNXxmsTaIj0QfmtRdbTb4DsXHu37f6pYe69Bz8S2hbzvIOWgnYKaKAuS866e1rc9T3_xn5JaR5pLE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTFlwo5OVFLHKg2UPvJtPuNXxmsTaIj0QfmtRdbTb4DsXHu37f6pYe69Bz8S2hbzvIOWgnYKaKAuS866e1rc9T3_xn5JaR5pLE&google_hm=eS1DR2syZ2s5RTJwRUhpUGl3Nl9VTVh3SFBtSlFTajhHMH5B

Request Chain 112

• https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJPG-6SH_Htn98C0mxDnHFw&google_cver=1&google_push=AXcoOmSDBvOcGnR_xoX6IZb_EhcRT-_1ui7BOaJEBfPKDuEU9D0JLyCwu7rj3PLrHJ7mffk7Oypdt2pOKIm3fQ21s7c1-0g9DDQ7CCSI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2VwAK87JF0-JbVkaS1rQFg&google_push=AXcoOmSDBvOcGnR_xoX6IZb_EhcRT-_1ui7BOaJEBfPKDuEU9D0JLyCwu7rj3PLrHJ7mffk7Oypdt2pOKIm3fQ21s7c1-0g9DDQ7CCSI

Request Chain 113

• https://an.yandex.ru/mapuid/google/CAESEKlum7rMd7zp8T7TeFXW-sU?ext-param=AXcoOmTBtCMtwYi4B9Jj6mkNBRj--gktR3Z5zt9Aqj_g7cDKAtsuzeaNOVZD_yqiX-rqeAzxyiCFBryobuCSHTXaK5BMwipHfjaDrHk&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://an.yandex.ru/mapuid/google/CAESEKlum7rMd7zp8T7TeFXW-sU?redir-setuniq=1&ext-param=AXcoOmTBtCMtwYi4B9Jj6mkNBRj--gktR3Z5zt9Aqj_g7cDKAtsuzeaNOVZD_yqiX-rqeAzxyiCFBryobuCSHTXaK5BMwipHfjaDrHk&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKlum7rMd7zp8T7TeFXW-sU&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response free-calendar.su/	83 KB 13 KB	1629ms 772ms	Document text/html	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / PHP/7.4.33 Resource Hash b91da7d20f20879b42fe6863df2abba4ad0f4f87bef7402c1d54118c9a1cfbe0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 05 Nov 2023 06:14:08 GMT link <https://free-calendar.su/wp-json/>; rel="https://api.w.org/" server nginx-reuseport/1.21.1 vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	style.min.css free-calendar.su/wp-includes/blocks/navigation/	16 KB 2 KB	151ms 149ms	Stylesheet text/css	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-includes/blocks/navigation/style.min.css?ver=6.3.2 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 8bc38a3ba348b745e3267b8354828f3fd3a91ba2b479331567344e33bb574580 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Mon, 02 Oct 2023 06:23:26 GMT server nginx-reuseport/1.21.1 etag W/"651a61de-3ed1" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	adsforwp-front.min.css free-calendar.su/wp-content/plugins/ads-for-wp/public/assets/css/	1 KB 721 B	151ms 149ms	Stylesheet text/css	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-content/plugins/ads-for-wp/public/assets/css/adsforwp-front.min.css?ver=1.9.25 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Fri, 29 Sep 2023 16:45:55 GMT server nginx-reuseport/1.21.1 etag W/"6516ff43-4c0" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	view.min.js Show response free-calendar.su/wp-includes/blocks/navigation/	1 KB 613 B	151ms 149ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-includes/blocks/navigation/view.min.js?ver=886680af40b7521d60fc Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash ab818ea203ab8d42199843b83b588ccfd1709d0f2d0f9c6134705a7b214d3ad6 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Mon, 02 Oct 2023 06:23:26 GMT server nginx-reuseport/1.21.1 etag W/"651a61de-470" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	view-modal.min.js Show response free-calendar.su/wp-includes/blocks/navigation/	8 KB 3 KB	151ms 150ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-includes/blocks/navigation/view-modal.min.js?ver=b478fa3cd1475dec97d3 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 54fa98ef8a13985472ddcb006b93f2f1283037b914a75de41daf3aad7a429f7d Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Mon, 02 Oct 2023 06:23:26 GMT server nginx-reuseport/1.21.1 etag W/"651a61de-1e86" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	jquery.min.js Show response free-calendar.su/wp-includes/js/jquery/	85 KB 30 KB	151ms 150ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Mon, 02 Oct 2023 06:23:26 GMT server nginx-reuseport/1.21.1 etag W/"651a61de-155ba" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	jquery-migrate.min.js Show response free-calendar.su/wp-includes/js/jquery/	13 KB 5 KB	152ms 150ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Mon, 02 Oct 2023 06:23:26 GMT server nginx-reuseport/1.21.1 etag W/"651a61de-3509" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	157 KB 52 KB	124ms 62ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7052068471485484 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash d4d4f63aeab31d846d44df7ec9cd07fab6f77a53753b2f9a770903aa3ba4c93a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Origin https://free-calendar.su accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52649 x-xss-protection 0 server cafe etag 7435901240308387337 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sun, 05 Nov 2023 06:14:09 GMT
GET H2	200	ads-front.min.js Show response free-calendar.su/wp-content/plugins/ads-for-wp/public/assets/js/	7 KB 4 KB	152ms 151ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-content/plugins/ads-for-wp/public/assets/js/ads-front.min.js?ver=1.9.25 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Fri, 29 Sep 2023 16:45:55 GMT server nginx-reuseport/1.21.1 etag W/"6516ff43-1dd6" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	ads-frontend.min.js Show response free-calendar.su/wp-content/plugins/ads-for-wp/public/assets/js/	1 KB 617 B	152ms 151ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-content/plugins/ads-for-wp/public/assets/js/ads-frontend.min.js?ver=1.9.25 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Fri, 29 Sep 2023 16:45:55 GMT server nginx-reuseport/1.21.1 etag W/"6516ff43-427" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET DATA	200 OK	truncated /	506 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fb2bda40407926046ecec70e88ee75e7287563751a23e9eb2783675a352faedf Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	5dbb8256-2607-4954-ae53-e3135e6e3951 https://free-calendar.su/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://free-calendar.su/5dbb8256-2607-4954-ae53-e3135e6e3951 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/	400 KB 136 KB	129ms 69ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7052068471485484 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 873bc1b6caa08d3793bb5223b1ab948ec3e514deebff340798d08ac8e37f700b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138534 x-xss-protection 0 server cafe etag 11135496308857770137 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 05 Nov 2023 06:14:09 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame E290	10 KB 10 KB	89ms 29ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7052068471485484 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 48465 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-length 10289 content-type text/html; charset=ISO-8859-1 cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 16:46:24 GMT etag 251720774729838433 expires Sat, 18 Nov 2023 16:46:24 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	wp-emoji-release.min.js Show response free-calendar.su/wp-includes/js/	18 KB 5 KB	149ms 148ms	Script application/x-javascript	87.236.16.56 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://free-calendar.su/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.56 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.astral.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:09 GMT content-encoding gzip last-modified Mon, 10 Apr 2023 09:00:53 GMT server nginx-reuseport/1.21.1 etag W/"6433d045-4904" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Sun, 12 Nov 2023 06:14:09 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	399 B 607 B	105ms 41ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=free-calendar.su&callback=_gfp_s_&client=ca-pub-7052068471485484 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 03bc21e087b49c9dbc804f690d2edbbc0e73e579ec47f14a22435cb0723f2b63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame F0D0	702 KB 112 KB	1387ms 1387ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&adk=1812271804&adf=3025194257&lmt=1699164849&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Ffree-calendar.su%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849726&bpp=5&bdt=456&idt=199&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3696461174713&frm=20&pv=2&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=227 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 61b48702ca5a00cb3b8cd7902d91a94c7b3faa536159f82c5f4d26b923d172ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 114953 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:11 GMT expires Sun, 05 Nov 2023 06:14:11 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 47E3	160 KB 55 KB	943ms 942ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash ce05169c7f232f6ff3b4cb7e29da9908c3dadd74ead5f36fc4a53f439fbb7190 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 56212 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:10 GMT expires Sun, 05 Nov 2023 06:14:10 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 47E3	3 KB 1 KB	96ms 32ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 19:19:33 GMT content-encoding br x-content-type-options nosniff age 39278 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 19:19:33 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 47E3	20 KB 9 KB	92ms 29ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 05:55:16 GMT content-encoding br x-content-type-options nosniff age 1135 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 7739385728678230190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 05:55:16 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 47E3	189 KB 60 KB	93ms 32ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Nov 2023 06:14:11 GMT
GET DATA	200 OK	truncated / Frame 47E3	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26a9ee342e9c8a90290b7c88ac49a4deea93dcf48a7dd073b903f47ba4fb9840 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 47E3	0 23 B	55ms 54ms	Image text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cx3wQsjJHZYstw7mEBrSRj6gC0pG2jW250K7Klg_AjbcBEAEgAGD96KKB8AOCARdjYS1wdWItNzA1MjA2ODQ3MTQ4NTQ4NMgBCagDAcgDAqoEvQFP0CUvgpGSoH_bx4jQD5cf8k-Zi9oCl8ys8D58B4kIXrQ2kumAWBdl3vM4OdAKBEn88BaWOAia8rUcjaVOGTH4dj_bW_ytHVVtOVl-JrBZ-0NM72-gG-wyHh_KzK63gkiWFtEfUuu-znbnlCeUDEZEJWfGHL41QWqgp1Fkvn9ww92VB7v1lNAaLxZTZgCAGpMWC9GqgHXTyZjR8BNYHPcVEayOa-pbsyMoGHt0VG0_5_9OZNXNIJU-zJn2mJWABqaukfCV7OnBXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzA1MjA2ODQ3MTQ4NTQ4NBgA&sigh=RLOwP7vI_Ww&uach_m=[UACH]&cid=CAQSTADICaaNaVVnVmkFi4I-ByKze8pEKBNLo7IkuvLHcUOWdaaTLzPxJrRLPqBZVK-H70W1AbxRKnepSFTiIndAu0P7eRs0saKVvrPO1NwYAQ&cbvp=2&vis=1 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 05 Nov 2023 06:14:11 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	204	rtimp g.bidbrain.app/ Frame 47E3	0 757 B	122ms 66ms	Image text/plain	34.149.135.28 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://g.bidbrain.app/rtimp?sid=888ed85c-7ba2-11ee-b087-9ee5696d45b0&d=free-calendar.su&cr=ext_ng_start_fires6&a=imp&p=ZUcysgAAFosKwRzDAAPItHf5tnAVZAKvdNHKMA&im=mcZ0al-YbJ4dqCj1n7Yx4Npm7QJMO0PtTAA1zegVdw8T5h8GZGb931GANkh06yndkIkBpOYL-XJmT9Xf4lzP3dUpWdlj9ygYELSsejx1MwXtnu67k9MWB3Mk5pBAE-Y7qgwIsmaiv3oRxSu0CB1ALk6RFq4NFbSigMe5qr_fD09CxMBa1BFM3e73ncQ9qagN8OPhMocmGSvPF8X6SPbgBuvFNRAjx7lqYknmBbkgig01HFefj2tqQuY09j6wXNjBxl7UmnU75tFiO-MRU-gQj6JoD8XxrEQOKypYgfpXF8PImPwpfqUcnzhUFyEm_Ywl&cbvp=2 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.135.28 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 28.135.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:11 GMT via 1.1 google access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H2	200	Roboto-Regular.ttf cdn.rtbrain.app/fonts/ Frame 47E3	159 KB 160 KB	85ms 29ms	Font application/octet-stream	104.26.3.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 869 x-guploader-uploadid ABPtcPo9zj-LKkfRz3UfYPDEqgFD-koPti9WWJ_SwHQGh75udOmD23Uf9YYlKJg22Q79cY0lW7PhkbdxsmZ00u5ppF60oQ x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 162876 last-modified Wed, 14 Jun 2023 14:22:11 GMT server cloudflare etag "ac3f799d5bbaf5196fab15ab8de8431c" vary Accept-Encoding x-goog-generation 1686752530970769 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Br2A7LWmnvzRMiEiEQoc%2FsXQvi%2FmnOJDxc91gw1zzy9pxqZyNPzZd1i%2BedJ%2F8%2BGtRA1TGn%2FYrW%2Bl7RTd3QApGR%2F6CE%2FyAj4iMBT4KopWtgOeguNUA5aD%2FgnHJVQtO4xvBQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 162876 accept-ranges bytes cf-ray 8212f4803c09548b-YYZ expires Sun, 05 Nov 2023 06:27:54 GMT
GET H2	200	Roboto-Bold-700.ttf cdn.rtbrain.app/fonts/ Frame 47E3	159 KB 159 KB	131ms 75ms	Font application/octet-stream	104.26.3.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3323 x-guploader-uploadid ABPtcPqwY3pLJtK7i3_ZXqvlR9djmu2sGEyMfS6y9CfKGXPZKdP890Rs_zcf-cbUXxHtxliQsdKbqfwKL2huP7YGHVV6wg x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 162464 last-modified Wed, 14 Jun 2023 14:03:41 GMT server cloudflare etag "d329cc8b34667f114a95422aaad1b063" vary Accept-Encoding x-goog-generation 1686751421527536 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8PyDfj2KYjnm8I5Wi87Fh2SZZTLooH9YvEcXzsAbxsapYnr5Vl2xxrujx0LVWrf1botQ8%2FRY7Ulk3D8fowBq4WbmpcUP%2FkuzHUmxEQ1j881a6pmVlWnw%2FV0p8BCjwnXBg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 162464 accept-ranges bytes cf-ray 8212f4803c0a548b-YYZ expires Sun, 05 Nov 2023 05:59:21 GMT
POST H2	204	rtimp g.bidbrain.app/ Frame 47E3	0 406 B	84ms 84ms	Ping text/plain	34.149.135.28 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.bidbrain.app/rtimp Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=450&slotname=4361138913&adk=1879706807&adf=3785973384&pi=t.ma~as.4361138913&w=450&lmt=1699164849&format=450x450&url=https%3A%2F%2Ffree-calendar.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164849731&bpp=2&bdt=460&idt=231&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=SxfCgDywxk&p=https%3A//free-calendar.su&dtd=236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.135.28 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 28.135.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:11 GMT via 1.1 google access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	51ms 50ms	XHR application/json	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 62051a2350e424a29e6aab604c3e53b72e42f0f41037f7642b64bf699fe24d50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12280 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/	160 KB 55 KB	59ms 58ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/reactive_library_fy2021.js?bust=31079356 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 10be227b123607a466dde5dc5b1d16646b5b0c5fb19036f99a148a88219c4b58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56032 x-xss-protection 0 server cafe etag 1312581197830711203 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 05 Nov 2023 06:14:11 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0D52	24 KB 11 KB	925ms 924ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash dc1f264cb63632636db6aa7024c6667e0a56dfa521370033b5be9e5bff829008 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 11495 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:12 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	45ms 44ms	Image image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44804188&hl=en&pvc=630709843855693 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	1 KB 483 B	106ms 43ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash d91d77a752075f4354c919100ee3e868b98b5a0e3853e63257dfe10a85b35541 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Nov 2023 06:14:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 731 B	105ms 42ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Nov 2023 04:28:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	200	css2 fonts.googleapis.com/	573 B 444 B	104ms 41ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 91d13f4ae5ff8db16c4cb3bb056d699821afe737798000c9ba2f18ba58d0c97e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Nov 2023 06:14:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	103ms 40ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Nov 2023 06:05:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Nov 2023 06:14:11 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	46ms 46ms	Image image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44806133&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=630709843855693 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	31ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 05 Nov 2023 06:14:11 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 9D03	10 KB 4 KB	31ms 30ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 49993 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4502 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 16:20:58 GMT etag 251720774729838433 expires Sat, 18 Nov 2023 16:20:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 09E0	10 KB 4 KB	30ms 29ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 49993 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4502 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 16:20:58 GMT etag 251720774729838433 expires Sat, 18 Nov 2023 16:20:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 37E1	10 KB 4 KB	30ms 30ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 49993 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4502 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 16:20:58 GMT etag 251720774729838433 expires Sat, 18 Nov 2023 16:20:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame BDC5	10 KB 4 KB	32ms 30ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 49993 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4502 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 16:20:58 GMT etag 251720774729838433 expires Sat, 18 Nov 2023 16:20:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 080A	13 KB 5 KB	31ms 29ms	Document text/html	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 231924 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 13:48:47 GMT expires Fri, 01 Nov 2024 13:48:47 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame B7DA	829 B 1 KB	107ms 45ms	Document text/html	142.251.163.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f104.1e100.net Software GSE / Resource Hash e572a49708fe4237d616edcbd07784707cd0c13d8dd1f825bef4203ba1c4fddf Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gBvQpIMyti9DX9DIJ413oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://free-calendar.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-gBvQpIMyti9DX9DIJ413oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:11 GMT expires Sun, 05 Nov 2023 06:14:11 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/ Frame 9D03	4 KB 745 B	40ms 40ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Nov 2023 05:14:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 9D03	205 B 295 B	94ms 32ms	Image image/png	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 03:20:34 GMT x-content-type-options nosniff age 10417 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 04 Nov 2024 03:20:34 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 9D03	604 B 1 KB	93ms 31ms	Image image/png	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 23:37:13 GMT x-content-type-options nosniff age 23818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 03 Nov 2024 23:37:13 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 9D03	16 KB 7 KB	31ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 23:07:24 GMT content-encoding br x-content-type-options nosniff age 25607 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6828 x-xss-protection 0 server cafe etag 11986448221276412250 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 23:07:24 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 9D03	21 KB 9 KB	32ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 07:32:55 GMT content-encoding br x-content-type-options nosniff age 81676 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8796 x-xss-protection 0 server cafe etag 1225823381704108053 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 07:32:55 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 09E0	3 KB 1 KB	31ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 19:19:33 GMT content-encoding br x-content-type-options nosniff age 39278 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 19:19:33 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 09E0	20 KB 8 KB	32ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 05:55:16 GMT content-encoding br x-content-type-options nosniff age 1135 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 7739385728678230190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 05:55:16 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 09E0	189 KB 59 KB	32ms 31ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	200	HhyqU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1SbxVhQidBnv_C-yl.woff2 fonts.gstatic.com/s/googlesymbols/v229/	662 KB 663 KB	93ms 30ms	Font font/woff2	172.253.63.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesymbols/v229/HhyqU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1SbxVhQidBnv_C-yl.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f94.1e100.net Software sffe / Resource Hash a769ba035d09bab14ca680172039c487a3cf1e155d11245a4ed78b8dcbed8351 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://free-calendar.su accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 06:42:12 GMT x-content-type-options nosniff age 257519 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 677644 x-xss-protection 0 last-modified Tue, 24 Oct 2023 01:35:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 06:42:12 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 37E1	3 KB 1 KB	31ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 19:19:33 GMT content-encoding br x-content-type-options nosniff age 39278 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 19:19:33 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 37E1	20 KB 8 KB	32ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 05:55:16 GMT content-encoding br x-content-type-options nosniff age 1135 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 7739385728678230190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 05:55:16 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 37E1	189 KB 59 KB	33ms 33ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Nov 2023 06:14:11 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame BDC5	2 KB 1 KB	115ms 30ms	Script application/javascript	23.222.5.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=27642697&cmp=30453521&plc=373907885&sid=7870633&dvregion=0&unit=728x90 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-222-5-74.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Sun, 05 Nov 2023 06:14:11 GMT Content-Encoding gzip Last-Modified Mon, 02 Oct 2023 09:51:44 GMT Server UploadServer ETag "56f95dec40f6402642b5537aa29ad91c" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 932 Expires Mon, 06 Nov 2023 06:14:11 GMT
GET H3	200	m_js_controller_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame BDC5	36 KB 14 KB	31ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/m_js_controller_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 9e8e70a585f531f10efc279fd1759e65311259d4ca838551be488445125f451c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 23:01:35 GMT content-encoding br x-content-type-options nosniff age 25956 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14472 x-xss-protection 0 server cafe etag 6006502838505956154 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 23:01:35 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame BDC5	3 KB 1 KB	44ms 42ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 19:19:33 GMT content-encoding br x-content-type-options nosniff age 39278 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 19:19:33 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame BDC5	20 KB 8 KB	39ms 38ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 05:55:16 GMT content-encoding br x-content-type-options nosniff age 1135 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 7739385728678230190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 05:55:16 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BDC5	189 KB 59 KB	32ms 31ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Nov 2023 06:14:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame BDC5	23 KB 9 KB	44ms 44ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 20:26:48 GMT content-encoding br x-content-type-options nosniff age 35243 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9345 x-xss-protection 0 server cafe etag 15168757854195530193 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 20:26:48 GMT
GET H3	200	css fonts.googleapis.com/ Frame 8173	10 KB 1 KB	41ms 41ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Nov 2023 05:07:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Nov 2023 06:14:11 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8173	2 KB 825 B	30ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 02:45:13 GMT content-encoding br x-content-type-options nosniff age 12538 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 798 x-xss-protection 0 server cafe etag 15713038447858168282 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 02:45:13 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 8173	23 KB 9 KB	30ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 20:26:48 GMT content-encoding br x-content-type-options nosniff age 35243 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9345 x-xss-protection 0 server cafe etag 15168757854195530193 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 20:26:48 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2E73	143 B 166 B	33ms 32ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 3572 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 05:14:39 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8173	3 KB 1 KB	32ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 19:19:33 GMT content-encoding br x-content-type-options nosniff age 39278 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 19:19:33 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8173	20 KB 8 KB	32ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 05:55:16 GMT content-encoding br x-content-type-options nosniff age 1135 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 7739385728678230190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 05:55:16 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8173	189 KB 59 KB	34ms 33ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Nov 2023 06:14:11 GMT
GET H2	200	ac1dbca482530a26bafc7a8c1241173a.js Show response www.gstatic.com/mysidia/ Frame 8173	36 KB 15 KB	32ms 31ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 18:47:01 GMT content-encoding gzip x-content-type-options nosniff age 41230 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15099 x-xss-protection 0 last-modified Wed, 01 Nov 2023 17:23:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 02 Feb 2024 18:47:01 GMT
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 080A	38 KB 15 KB	31ms 30ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 16:40:40 GMT content-encoding br x-content-type-options nosniff age 48811 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 03 Nov 2024 16:40:40 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame B7DA	0 0	44ms 44ms	Image text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=630709843855693&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H/1.1	200 OK	dvbs_src_internal122.js Show response cdn.doubleverify.com/ Frame BDC5	60 KB 20 KB	37ms 37ms	Script application/javascript	23.222.5.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal122.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=27642697&cmp=30453521&plc=373907885&sid=7870633&dvregion=0&unit=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-222-5-74.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Sun, 05 Nov 2023 06:14:11 GMT Content-Encoding gzip Last-Modified Mon, 02 Oct 2023 09:51:46 GMT Server UploadServer ETag "676309fe6e3823d28d9b38e6462bb025" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 19669 Expires Mon, 04 Nov 2024 06:14:11 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2E73 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	39ms 39ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:11 GMT expires Sun, 05 Nov 2023 06:14:11 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:11 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response pagead2.googlesyndication.com/bg/ Frame E624	50 KB 19 KB	30ms 30ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software sffe / Resource Hash 1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 16:23:47 GMT content-encoding br x-content-type-options nosniff age 49824 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 03 Nov 2024 16:23:47 GMT
GET H2	200	Roboto-Regular.ttf cdn.rtbrain.app/fonts/ Frame 09E0	159 KB 160 KB	37ms 36ms	Font application/octet-stream	104.26.3.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 869 x-guploader-uploadid ABPtcPo9zj-LKkfRz3UfYPDEqgFD-koPti9WWJ_SwHQGh75udOmD23Uf9YYlKJg22Q79cY0lW7PhkbdxsmZ00u5ppF60oQ x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 162876 last-modified Wed, 14 Jun 2023 14:22:11 GMT server cloudflare etag "ac3f799d5bbaf5196fab15ab8de8431c" vary Accept-Encoding x-goog-generation 1686752530970769 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdlIdzGCkOaSgfi8rrRO%2BBDjgIalqYISKB3%2F6cPRGPvJ6GJLPyUPnIi7gI%2Fu0KcV7BLqiUfcBsEObwrFkb2nLsie4bySFr7L0Yp1EOF9KTwwB4RUEUg6tnmb%2FyRPNB5NyQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 162876 accept-ranges bytes cf-ray 8212f484de2d548b-YYZ expires Sun, 05 Nov 2023 06:27:54 GMT
GET H2	200	Roboto-Bold-700.ttf cdn.rtbrain.app/fonts/ Frame 09E0	159 KB 159 KB	31ms 31ms	Font application/octet-stream	104.26.3.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3323 x-guploader-uploadid ABPtcPqwY3pLJtK7i3_ZXqvlR9djmu2sGEyMfS6y9CfKGXPZKdP890Rs_zcf-cbUXxHtxliQsdKbqfwKL2huP7YGHVV6wg x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 162464 last-modified Wed, 14 Jun 2023 14:03:41 GMT server cloudflare etag "d329cc8b34667f114a95422aaad1b063" vary Accept-Encoding x-goog-generation 1686751421527536 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az6Bc1uoygZhhROPnhaUr4v109IOqZetTzgtcehFzF6f1ZO9iln%2FblCI7u3nrPNO8EO0H0To6eyrh5AXk%2F7%2FVwL%2FzZaSYz7CtObRAhSm3oyW5%2FYS9LYqCkj%2BGHjWimUcug%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 162464 accept-ranges bytes cf-ray 8212f484de2f548b-YYZ expires Sun, 05 Nov 2023 05:59:21 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame BDC5	653 B 703 B	603ms 53ms	Script text/javascript	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_339431518240&jsTagObjCallback=__tagObject_callback_339431518240&num=6&ctx=27642697&cmp=30453521&plc=373907885&sid=7870633&advid=&adsrv=&unit=728x90&isdvvid=&uid=339431518240&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=119&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTau7C66%5C42%3D6%3F52C%5DDFTauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C66%5C42%3D6%3F52C%5DDFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=5.90&callbackName=__verify_callback_339431518240 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal122.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash 9de6fe4a2e0a93501202e839085bc9002ff8168063f59b44078db8a3a6e59cc6 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Pragma no-cache Date Sun, 05 Nov 2023 06:14:12 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 11/04/2023 06:14:12
GET H2	200	Roboto-Regular.ttf cdn.rtbrain.app/fonts/ Frame 37E1	159 KB 160 KB	30ms 30ms	Font application/octet-stream	104.26.3.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 869 x-guploader-uploadid ABPtcPo9zj-LKkfRz3UfYPDEqgFD-koPti9WWJ_SwHQGh75udOmD23Uf9YYlKJg22Q79cY0lW7PhkbdxsmZ00u5ppF60oQ x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 162876 last-modified Wed, 14 Jun 2023 14:22:11 GMT server cloudflare etag "ac3f799d5bbaf5196fab15ab8de8431c" vary Accept-Encoding x-goog-generation 1686752530970769 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jHpQuk1ATaHriL5ljWZ5tyih6gyMMTZ3Rq5FHmCZi4QRx0MNG5qGm42vEwcYyG7hZWKi49UBkPBYEy9EFZtAGIWN8LtcKzo9ohH4dsfi%2BVlyLFITuIpanGvkuG%2Feod4xg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 162876 accept-ranges bytes cf-ray 8212f484fe53548b-YYZ expires Sun, 05 Nov 2023 06:27:54 GMT
GET H2	200	Roboto-Bold-700.ttf cdn.rtbrain.app/fonts/ Frame 37E1	159 KB 159 KB	36ms 36ms	Font application/octet-stream	104.26.3.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3323 x-guploader-uploadid ABPtcPqwY3pLJtK7i3_ZXqvlR9djmu2sGEyMfS6y9CfKGXPZKdP890Rs_zcf-cbUXxHtxliQsdKbqfwKL2huP7YGHVV6wg x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 162464 last-modified Wed, 14 Jun 2023 14:03:41 GMT server cloudflare etag "d329cc8b34667f114a95422aaad1b063" vary Accept-Encoding x-goog-generation 1686751421527536 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOsZ50zwuWbJ37AGPdpdRRqgBuuhd23hx9lVvp8aJrep5TBzAITp0p82SbDJhaQLrkPm26YtAi5NmMFq4WzXdOT8p%2BfonMUI0ngAYH3WJbAjPC%2B8g%2Fk8%2Bi1lZ%2F7UQo1%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 162464 accept-ranges bytes cf-ray 8212f484fe54548b-YYZ expires Sun, 05 Nov 2023 05:59:21 GMT
POST H2	204	rtimp g.bidbrain.app/ Frame 09E0	0 275 B	73ms 72ms	Ping text/plain	34.149.135.28 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.bidbrain.app/rtimp Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.135.28 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 28.135.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT via 1.1 google access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
POST H2	204	rtimp g.bidbrain.app/ Frame 37E1	0 277 B	69ms 69ms	Ping text/plain	34.149.135.28 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.bidbrain.app/rtimp Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.135.28 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 28.135.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT via 1.1 google access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 080A	0 10 B	29ms 29ms	Image text/plain	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?wUgYWA Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:12 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 47E3	42 B 64 B	46ms 46ms	Fetch image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoVop793sfSRqoHeINfFhzjzdG6Obc-zclSGgOnEUsnrULaPEFUGVqBjIIZDN6NNe-KzTBUtohzqjrLUS3ZDYigWp8oAw_0ZruE1-R6osLtwOmafMQgQ&sig=Cg0ArKJSzM18M-rxFPk9EAE&id=lidar2&mcvt=1000&p=0,0,450,450&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1879706807&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699164849968&rpt=1179&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0D52	42 B 63 B	46ms 45ms	Image image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRjo2rFQawxalQ1PK6KMy1p-YpZDv1OrgdsKn2KccCMPePX8f55ZinaMmRt5XVrqxlp0nmJTlsPFZ4jxMeNWzVK0Ad-mETpSAxtyv0PZEiCyLUs20 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0D52	0 20 B	47ms 45ms	Image image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5380812755982129469&x=1&ct=76 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 0D52	89 KB 31 KB	68ms 66ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:12 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 05 Nov 2023 06:14:12 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0D52	3 KB 1 KB	32ms 31ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 19:19:33 GMT content-encoding br x-content-type-options nosniff age 39279 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 19:19:33 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0D52	20 KB 8 KB	32ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 05:55:16 GMT content-encoding br x-content-type-options nosniff age 1136 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8610 x-xss-protection 0 server cafe etag 7739385728678230190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 05:55:16 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 0D52	0 0	47ms 45ms	Image text/html	142.251.163.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxSp06dTUQIbjSON1aACH0jIXbEdyLlxciiepYMEHnMqd1D8J4Wn9G5keeZUX_74qN6dAsgdjKmVHLFF7NhN4FMFIp_A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f104.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 0D52	197 KB 62 KB	34ms 33ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software sffe / Resource Hash d7c05d8c6f495c524f49c9471a52522108aba2f62a4849b13756edad3c3511e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63354 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Nov 2023 06:14:12 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A0DB	624 B 245 B	51ms 50ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYxpO_7gEwAQ&v=APEucNW4XmbLuK8J5MrkSFT5PRswban1zlLp5mOHT7zVZqwuCRMyz6xzGtkAdsEujznD_Q4WqSverhpbWS7eQ0SMm77AcfIGlA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 06:14:12 GMT expires Sun, 05 Nov 2023 06:14:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	rum dsum-sec.casalemedia.com/ Frame A0DB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1	43 B 338 B	39ms 38ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYxpO_7gEwAQ&v=APEucNW4XmbLuK8J5MrkSFT5PRswban1zlLp5mOHT7zVZqwuCRMyz6xzGtkAdsEujznD_Q4WqSverhpbWS7eQ0SMm77AcfIGlA Protocol H2 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M643HEXMBMtUJo19E8xvvLnIKNVCCZJEI%2BthKP63k3lop04pEFS32bhe5%2FSLUKlD1APdXDPHFbM9JTbVD5zGiCX9wvFdBiWdL4FWaKc0WsGTYjlui8LrDTStjW99aRekwJklxsKym8U%2Fpw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8212f4887f787148-YUL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A0DB Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUcytNxTCQPMYMW1Lvr3rgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1	43 B 766 B	58ms 57ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYxpO_7gEwAQ&v=APEucNW4XmbLuK8J5MrkSFT5PRswban1zlLp5mOHT7zVZqwuCRMyz6xzGtkAdsEujznD_Q4WqSverhpbWS7eQ0SMm77AcfIGlA Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNCgFuUSmavEmzcEsuEA8DG1bM2yAp8hbrmjEbMV8p%2FawgN0xOYJl1FGhktp07u5tFTY9Blj5SewjPSoCzucaQ4yiPXgvJyD7CEeNiv4dMjuOCMyGYsTmUNuOgPH7yaVoy7IgU6SvwHkfA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8212f4890bc8541f-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5MXGktKkwc8h6wdWawydQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame A0DB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESECtrGbBbYb3gZM97zd0W1Sc&google_cver=1	0 393 B	25ms 24ms	Image text/html	68.67.161.208 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESECtrGbBbYb3gZM97zd0W1Sc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYxpO_7gEwAQ&v=APEucNW4XmbLuK8J5MrkSFT5PRswban1zlLp5mOHT7zVZqwuCRMyz6xzGtkAdsEujznD_Q4WqSverhpbWS7eQ0SMm77AcfIGlA Protocol H2 Server 68.67.161.208 Fairfield, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT an-x-request-uuid 8440b2d3-a63d-4952-929c-19889007e973 server nginx/1.21.3 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 185.213.80.74; 185.213.80.74; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESECtrGbBbYb3gZM97zd0W1Sc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A0DB Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA0NzY0NzUwOTA3MjQ4NjM2	170 B 243 B	40ms 40ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA0NzY0NzUwOTA3MjQ4NjM2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYxpO_7gEwAQ&v=APEucNW4XmbLuK8J5MrkSFT5PRswban1zlLp5mOHT7zVZqwuCRMyz6xzGtkAdsEujznD_Q4WqSverhpbWS7eQ0SMm77AcfIGlA Protocol H2 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT an-x-request-uuid 25623ecc-bfd8-45cc-a6fd-fffad9e39f00 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA0NzY0NzUwOTA3MjQ4NjM2 x-proxy-origin 185.213.80.74; 185.213.80.74; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0D52	0 20 B	45ms 44ms	Ping image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6586303909597&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0D52	0 20 B	44ms 44ms	Ping image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6586303909597&version=m202309260101&ct=76&x=1&cor=5380812755982129000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0D52	90 KB 38 KB	77ms 75ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVAl25bl_6yISTJknOjbhF2TrGNfd_HoXS_fOKCFX4L07-24IqF15tPqvFvi2Q4M3bqXxHkLduLNOUiQcFzP2Z6kiApeAUwgmVcoc-prI7kiWLEHSZO2x50SxE9ooR2dqyZc5oVkx876oU2d7EFGXeVGooTkErEFgQyhhxrAFV0TvGjgI&dbm_d=AKAmf-CLM9d-a9z3GHdw_acvaqvl6M9gm2VXUHVy0N-3YJovgkDf0ggmqLKt0XvvEJJldX8jrgfjZ4ssgfa9dQg26EPZzlb9MZAjJ37UuRxdkDcwiJV2uTPW_aqvYrdhbCLYYu0oiQeBG2QFyDlr2MUUSZeOO-9_Nihb_wAos4GAMikB3KnEhaEN8QWx_0qZu3EIV3I8g1pPComl62S6aaRfAAsAu3uqIuAJshXiO32QoR0JiLU7axt0qc_tImlxadDbiKxvncLDPzaQUhnmU4NfAyuJpXp4Qbii97VU10T5eA5tvECKHito0Awfu8E_BbdIJR3rZK0ycPR4X9RPocsei3FAYDABfm9RceY4eNlncc-nef15y-yGnpO3BlTjb3AShslc--sLMYQymPL9kgywAGtCQbZU6E0Eks-OhIidL6HtcySkeRJAqGGzTZ55Dp0Z-S9Pm0AfJHSwBtL-ZIQorOM8UPKkEYHLB5WSVyQwwEQy31WfEQbxK2-CGL_5GgfAaPCVm9VZ3Uow7DgZBqObH7ZknFsjVFcOVGjzf7tFpZe7Mcd6gpYcxbgAnZYKZ8qcTaVMWqZL_Yrdpbn5h9DeaYnMhjnk1t2_DwltKKDxkWcu8HuwPAyb2rObopJ821Ta9oPbAR3gCHe5DiY0FJpciBc4Eq7b6frSsZ1kphrfuMMF1Mgd5E05K-Po_RJEC-GE4lJbrF_oBqbYY9QAPxzU0vRaP5Qd1yN42eE-VkiR_7IhrK534Ww1K7gYYjaBZDYprDrW1H4vBE51EdUNqBQnteh7yoyRytfAiIcmkdlXoxQsaKcpyZDfuucqcZM62mzDZURDrUbNHO4ZtuCHtGbTi29sQIAkts2tCwQkKTBVymWjGx9BwgQlRg8AscFDmJidIE9bZT-jevQy45YRvNRm66GeZqQ0oDx5p0wTfOeF5iiaDjbE3S_qFPuD4spxlBzVZWQXUdYwKFnMNh_p0rzGN1lLEQE-K1ofLBn6VTk-CNpRAQ6RjIr5MZe_Xbb6mxRaU84Jh-jv3_MNIaE7uYDrhgMUwiFpl4YL2M2D0dF5M5EhJ0xkiujkrZEFD4GA8IPmeR8WtobCari6iOi-uYjHzklMNcJ71qTZmUfeENyyLQQxfXZmUq1rMtpYHWu2mQ9L4c2Oft5djfSF-DFeRsiNV1fnCN_D5hINCyqsU9hrdYBmuUkTbS94BVSHr1iSikSHZzI-wP58ABBg7wocNLpyBcSANTP2rOHAg2lejTh15JTBwCpazG0mcNu1oQQo4Z14gUpLyZBHTc1EA4Bi_AB5tKUFnAHthtNqiunHMnZGZVB7SVbU8EHCcTylUm3XFJv7W38bKgUt33gAjWZoC0qGu2UUQ5IHnSQnBqzPC_2eeKXkk-0RoR3nlCVsek2k6_gnScodMfkEQI8VbfYtmgyZpEWiyuMJ3EkUwiHdoLQ78Yte15GzCuUWT4O4QWPtkaDkwLo3Eygtirh99nx_wHljQOdTALUojwcSIfygbWpY4bKz6sf3b5EEMbxJEUpMVN6tXZUYy2hGSx_5Z9jn5QI3iFGjUhRFQKYHIS8-TNRpLdIUEdsJ22iAryypwMvu8pjlBp1Cpx7i_UwUmLNCwHvEK1khSddbKkmhjLZ75_sktxLTpiFFoTWzOFHjudt-Z6JrkRSmmIMV8ixFBygUTtb0SrjXpj3JOj5K41a-Y8esyiOle-5tQiSvODfBq2jnpjxQme2DT-dyrJmDiy21bWqnBRGKJzNLBZUe0U5dTa5pGyXpdgQTj3QMlPgCBCyyRNh6lcgfdNqrRw_SiPuxzfjvg_sOK5RbhVJlEv3U_HGczI0SCItNBcx96h66NP24iL9WKpfCASwiidjBCoQKPfJa4teUTIcAc-QusXjWsR2I28eB17rPuP51D_NR06P6Cma1O0nOFPr9IDPBTOc_5xvI6CR0jS6rH5piJYpaAR0S4b1FpP5HBKR60X7iwkO4TcsvcYDvZFGVLXqrNbhWPWtDwJxJilRGNIxc6WASrBjYpIfhLlpRhoL_I7FtmFKPhupehrwTqsz8DHFj0pk7P7uXKNPA1gbyQHzUuCe2tLhjKeit6rQNxsjzY8QHdaDKRoO0Rh2yEIz43pSLkpg4vu8E92R4t221xchRXW3PNcm5Su9fR_BKCRK871KKc_YJl_Nr9dj0bCQsfPjAkFC1b1MEZL0RFFrdReuhHnv7AoaVB5p-imrnoE3buNLVK3LEQ694FUh-gBsHnN6qW0k9tg_nNW-FyKYVUYHHU0FciV8k7K3RHEC88NJ3_DrI98xO3MHs_abUnPDC2naIxuJ3ifUePZja6njFHg4izp1Rp-3djASEGX2VdnfVVlbn1rqZRmJ0ioMzTYfHOaIVpv-OHWzKC2doo3UGvdTe8J9CkM5-i57tATcee_TbqgOxy760sLpCtgbfmP0OOeS-10wddPxNVSnGpCnMVFN9LbxkWQ9T2ipAW8HfgxjwVnjqoLKvGe2Aqtjqo5v58Q3s5g_UkHg_7PtgjpwjlURgqyXoNNzXxQ8WO5yBmIKmD7qB_VWRiAZfMQkoQ3Ce8xXLQkDKPPiy3EC2pXb5kPTxEJCdtNWWjE6-TLrLHKrQ8A-NbW-MBJxSvQCIfp_DMsjwi3pdS-hY4j_Rl6dOJe91IvRT9HCYCC7CwFtH66J_MwR3Vh_tiprGExzUvJS2P4h_oJF2I6S-I_Rd3W-7wpYV-0wKPSazQq2QIHbUTer6ip_81TpeJchcHr8gwV1dRaVml2PyCSaR7NCCFnXW-63Tk4Lbhoe2scl0RpK9lABGxeeg8EagSUC39jdJMWgrcxiyBv9_nxKpOJeGoWlq56aP4PdnyDWxyEyqiAk9EyTVIMpZIMrQYUddP3CiAGTnDtBF_FX67LRRnYgQDueFjeOPA-l8QRDbWJHDwYqLLx-NpU349wa_S3g_zF5jLNqlXZq35nmnlrRB4VIUD__OFCrTWv6XvxTRicqn9HVNP3yPOET9hFSWRoO36pUlmpzfI1AgbuuwTJKCPQffW7zDRlc64PInnubl9b7qVfazRty9ez0VJyZIJadntidFOJvqkVqWpXCaQ7kEb27kPaZqXQkmV9TjMMT3i6s1k1LOzMYGkZMKE_UZYsUJM__2rnhQhxzN0TJGXqjmwSdZFC6VyBbaJTgOixKfzwfIKudexHJ-pLMgAZMPfNHLrVNl2-QC64knAWYfqzTyP8xXW6MKxxrh1rb08F8jQGyJbR-GY_jctSjaRFMaGFExpWT75-ScCovxubGZCrQ1CDNHeMSA2tEr2KrHWDLfFrmunGN9DbCZuQ7raIRuGIFJAv3vrrYsVCGLAFvmKfXKWiaCRpqerA&cid=CAQSPADICaaNElhtcgyezQN5HyISxYT-AGp1cBP1eE-bzte5wiH8F2kDwH1_ZmURs4mNYaOn8ptI6JCAcPYqrhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffree-calendar.su%2F&ds=l&xdt=1&iif=1&cor=5380812755982129000&adk=250412560&idt=72&cac=0&dtd=25 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash b45a72e06aba283ef83645e1ce822e6e93a649617418762faf3461cbe9f53ba8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38377 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	bsevent.gif rtbc-ue1.doubleverify.com/ Frame BDC5	0 308 B	95ms 42ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=89f36e06a96a446e8dbec1ff14b907a8&vfdur=605&cbust=1699164852578808 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal122.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Access-Control-Allow-Origin https://googleads.g.doubleclick.net Pragma no-cache Date Sun, 05 Nov 2023 06:14:12 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true, true Connection keep-alive Expires 2023-11-04T06:14:12
GET H2	200	globalpassback_728x90.gif cdn.besafe.global/ Frame BDC5	13 KB 13 KB	113ms 30ms	Image image/gif	13.32.208.38 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.besafe.global/globalpassback_728x90.gif Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.208.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-208-38.iad66.r.cloudfront.net Software AmazonS3 / Resource Hash 10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 22:50:59 GMT via 1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront) last-modified Fri, 15 Jul 2022 20:03:13 GMT server AmazonS3 x-amz-cf-pop IAD66-C1 age 26594 etag "d7f0c1fa2fb2f6c6dc87372cf940f1d5" x-amz-meta-sha256 10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3 content-type image/gif x-cache Hit from cloudfront accept-ranges bytes content-length 13098 x-amz-cf-id SVa4eQVUB_hkZsBXH45KD4jgL51MM6ejz2H_a-ff6v4Nepye43gNxA== x-amz-meta-s3b-last-modified 20220630T185306Z
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 0D52	111 KB 39 KB	93ms 30ms	Script text/javascript	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 23:45:31 GMT content-encoding gzip x-content-type-options nosniff age 23321 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 05 Nov 2023 23:45:31 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 0D52	11 KB 4 KB	30ms 30ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVAl25bl_6yISTJknOjbhF2TrGNfd_HoXS_fOKCFX4L07-24IqF15tPqvFvi2Q4M3bqXxHkLduLNOUiQcFzP2Z6kiApeAUwgmVcoc-prI7kiWLEHSZO2x50SxE9ooR2dqyZc5oVkx876oU2d7EFGXeVGooTkErEFgQyhhxrAFV0TvGjgI&dbm_d=AKAmf-CLM9d-a9z3GHdw_acvaqvl6M9gm2VXUHVy0N-3YJovgkDf0ggmqLKt0XvvEJJldX8jrgfjZ4ssgfa9dQg26EPZzlb9MZAjJ37UuRxdkDcwiJV2uTPW_aqvYrdhbCLYYu0oiQeBG2QFyDlr2MUUSZeOO-9_Nihb_wAos4GAMikB3KnEhaEN8QWx_0qZu3EIV3I8g1pPComl62S6aaRfAAsAu3uqIuAJshXiO32QoR0JiLU7axt0qc_tImlxadDbiKxvncLDPzaQUhnmU4NfAyuJpXp4Qbii97VU10T5eA5tvECKHito0Awfu8E_BbdIJR3rZK0ycPR4X9RPocsei3FAYDABfm9RceY4eNlncc-nef15y-yGnpO3BlTjb3AShslc--sLMYQymPL9kgywAGtCQbZU6E0Eks-OhIidL6HtcySkeRJAqGGzTZ55Dp0Z-S9Pm0AfJHSwBtL-ZIQorOM8UPKkEYHLB5WSVyQwwEQy31WfEQbxK2-CGL_5GgfAaPCVm9VZ3Uow7DgZBqObH7ZknFsjVFcOVGjzf7tFpZe7Mcd6gpYcxbgAnZYKZ8qcTaVMWqZL_Yrdpbn5h9DeaYnMhjnk1t2_DwltKKDxkWcu8HuwPAyb2rObopJ821Ta9oPbAR3gCHe5DiY0FJpciBc4Eq7b6frSsZ1kphrfuMMF1Mgd5E05K-Po_RJEC-GE4lJbrF_oBqbYY9QAPxzU0vRaP5Qd1yN42eE-VkiR_7IhrK534Ww1K7gYYjaBZDYprDrW1H4vBE51EdUNqBQnteh7yoyRytfAiIcmkdlXoxQsaKcpyZDfuucqcZM62mzDZURDrUbNHO4ZtuCHtGbTi29sQIAkts2tCwQkKTBVymWjGx9BwgQlRg8AscFDmJidIE9bZT-jevQy45YRvNRm66GeZqQ0oDx5p0wTfOeF5iiaDjbE3S_qFPuD4spxlBzVZWQXUdYwKFnMNh_p0rzGN1lLEQE-K1ofLBn6VTk-CNpRAQ6RjIr5MZe_Xbb6mxRaU84Jh-jv3_MNIaE7uYDrhgMUwiFpl4YL2M2D0dF5M5EhJ0xkiujkrZEFD4GA8IPmeR8WtobCari6iOi-uYjHzklMNcJ71qTZmUfeENyyLQQxfXZmUq1rMtpYHWu2mQ9L4c2Oft5djfSF-DFeRsiNV1fnCN_D5hINCyqsU9hrdYBmuUkTbS94BVSHr1iSikSHZzI-wP58ABBg7wocNLpyBcSANTP2rOHAg2lejTh15JTBwCpazG0mcNu1oQQo4Z14gUpLyZBHTc1EA4Bi_AB5tKUFnAHthtNqiunHMnZGZVB7SVbU8EHCcTylUm3XFJv7W38bKgUt33gAjWZoC0qGu2UUQ5IHnSQnBqzPC_2eeKXkk-0RoR3nlCVsek2k6_gnScodMfkEQI8VbfYtmgyZpEWiyuMJ3EkUwiHdoLQ78Yte15GzCuUWT4O4QWPtkaDkwLo3Eygtirh99nx_wHljQOdTALUojwcSIfygbWpY4bKz6sf3b5EEMbxJEUpMVN6tXZUYy2hGSx_5Z9jn5QI3iFGjUhRFQKYHIS8-TNRpLdIUEdsJ22iAryypwMvu8pjlBp1Cpx7i_UwUmLNCwHvEK1khSddbKkmhjLZ75_sktxLTpiFFoTWzOFHjudt-Z6JrkRSmmIMV8ixFBygUTtb0SrjXpj3JOj5K41a-Y8esyiOle-5tQiSvODfBq2jnpjxQme2DT-dyrJmDiy21bWqnBRGKJzNLBZUe0U5dTa5pGyXpdgQTj3QMlPgCBCyyRNh6lcgfdNqrRw_SiPuxzfjvg_sOK5RbhVJlEv3U_HGczI0SCItNBcx96h66NP24iL9WKpfCASwiidjBCoQKPfJa4teUTIcAc-QusXjWsR2I28eB17rPuP51D_NR06P6Cma1O0nOFPr9IDPBTOc_5xvI6CR0jS6rH5piJYpaAR0S4b1FpP5HBKR60X7iwkO4TcsvcYDvZFGVLXqrNbhWPWtDwJxJilRGNIxc6WASrBjYpIfhLlpRhoL_I7FtmFKPhupehrwTqsz8DHFj0pk7P7uXKNPA1gbyQHzUuCe2tLhjKeit6rQNxsjzY8QHdaDKRoO0Rh2yEIz43pSLkpg4vu8E92R4t221xchRXW3PNcm5Su9fR_BKCRK871KKc_YJl_Nr9dj0bCQsfPjAkFC1b1MEZL0RFFrdReuhHnv7AoaVB5p-imrnoE3buNLVK3LEQ694FUh-gBsHnN6qW0k9tg_nNW-FyKYVUYHHU0FciV8k7K3RHEC88NJ3_DrI98xO3MHs_abUnPDC2naIxuJ3ifUePZja6njFHg4izp1Rp-3djASEGX2VdnfVVlbn1rqZRmJ0ioMzTYfHOaIVpv-OHWzKC2doo3UGvdTe8J9CkM5-i57tATcee_TbqgOxy760sLpCtgbfmP0OOeS-10wddPxNVSnGpCnMVFN9LbxkWQ9T2ipAW8HfgxjwVnjqoLKvGe2Aqtjqo5v58Q3s5g_UkHg_7PtgjpwjlURgqyXoNNzXxQ8WO5yBmIKmD7qB_VWRiAZfMQkoQ3Ce8xXLQkDKPPiy3EC2pXb5kPTxEJCdtNWWjE6-TLrLHKrQ8A-NbW-MBJxSvQCIfp_DMsjwi3pdS-hY4j_Rl6dOJe91IvRT9HCYCC7CwFtH66J_MwR3Vh_tiprGExzUvJS2P4h_oJF2I6S-I_Rd3W-7wpYV-0wKPSazQq2QIHbUTer6ip_81TpeJchcHr8gwV1dRaVml2PyCSaR7NCCFnXW-63Tk4Lbhoe2scl0RpK9lABGxeeg8EagSUC39jdJMWgrcxiyBv9_nxKpOJeGoWlq56aP4PdnyDWxyEyqiAk9EyTVIMpZIMrQYUddP3CiAGTnDtBF_FX67LRRnYgQDueFjeOPA-l8QRDbWJHDwYqLLx-NpU349wa_S3g_zF5jLNqlXZq35nmnlrRB4VIUD__OFCrTWv6XvxTRicqn9HVNP3yPOET9hFSWRoO36pUlmpzfI1AgbuuwTJKCPQffW7zDRlc64PInnubl9b7qVfazRty9ez0VJyZIJadntidFOJvqkVqWpXCaQ7kEb27kPaZqXQkmV9TjMMT3i6s1k1LOzMYGkZMKE_UZYsUJM__2rnhQhxzN0TJGXqjmwSdZFC6VyBbaJTgOixKfzwfIKudexHJ-pLMgAZMPfNHLrVNl2-QC64knAWYfqzTyP8xXW6MKxxrh1rb08F8jQGyJbR-GY_jctSjaRFMaGFExpWT75-ScCovxubGZCrQ1CDNHeMSA2tEr2KrHWDLfFrmunGN9DbCZuQ7raIRuGIFJAv3vrrYsVCGLAFvmKfXKWiaCRpqerA&cid=CAQSPADICaaNElhtcgyezQN5HyISxYT-AGp1cBP1eE-bzte5wiH8F2kDwH1_ZmURs4mNYaOn8ptI6JCAcPYqrhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffree-calendar.su%2F&ds=l&xdt=1&iif=1&cor=5380812755982129000&adk=250412560&idt=72&cac=0&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 14:59:11 GMT content-encoding br x-content-type-options nosniff age 54901 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 14:59:11 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 0D52	31 KB 12 KB	30ms 30ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVAl25bl_6yISTJknOjbhF2TrGNfd_HoXS_fOKCFX4L07-24IqF15tPqvFvi2Q4M3bqXxHkLduLNOUiQcFzP2Z6kiApeAUwgmVcoc-prI7kiWLEHSZO2x50SxE9ooR2dqyZc5oVkx876oU2d7EFGXeVGooTkErEFgQyhhxrAFV0TvGjgI&dbm_d=AKAmf-CLM9d-a9z3GHdw_acvaqvl6M9gm2VXUHVy0N-3YJovgkDf0ggmqLKt0XvvEJJldX8jrgfjZ4ssgfa9dQg26EPZzlb9MZAjJ37UuRxdkDcwiJV2uTPW_aqvYrdhbCLYYu0oiQeBG2QFyDlr2MUUSZeOO-9_Nihb_wAos4GAMikB3KnEhaEN8QWx_0qZu3EIV3I8g1pPComl62S6aaRfAAsAu3uqIuAJshXiO32QoR0JiLU7axt0qc_tImlxadDbiKxvncLDPzaQUhnmU4NfAyuJpXp4Qbii97VU10T5eA5tvECKHito0Awfu8E_BbdIJR3rZK0ycPR4X9RPocsei3FAYDABfm9RceY4eNlncc-nef15y-yGnpO3BlTjb3AShslc--sLMYQymPL9kgywAGtCQbZU6E0Eks-OhIidL6HtcySkeRJAqGGzTZ55Dp0Z-S9Pm0AfJHSwBtL-ZIQorOM8UPKkEYHLB5WSVyQwwEQy31WfEQbxK2-CGL_5GgfAaPCVm9VZ3Uow7DgZBqObH7ZknFsjVFcOVGjzf7tFpZe7Mcd6gpYcxbgAnZYKZ8qcTaVMWqZL_Yrdpbn5h9DeaYnMhjnk1t2_DwltKKDxkWcu8HuwPAyb2rObopJ821Ta9oPbAR3gCHe5DiY0FJpciBc4Eq7b6frSsZ1kphrfuMMF1Mgd5E05K-Po_RJEC-GE4lJbrF_oBqbYY9QAPxzU0vRaP5Qd1yN42eE-VkiR_7IhrK534Ww1K7gYYjaBZDYprDrW1H4vBE51EdUNqBQnteh7yoyRytfAiIcmkdlXoxQsaKcpyZDfuucqcZM62mzDZURDrUbNHO4ZtuCHtGbTi29sQIAkts2tCwQkKTBVymWjGx9BwgQlRg8AscFDmJidIE9bZT-jevQy45YRvNRm66GeZqQ0oDx5p0wTfOeF5iiaDjbE3S_qFPuD4spxlBzVZWQXUdYwKFnMNh_p0rzGN1lLEQE-K1ofLBn6VTk-CNpRAQ6RjIr5MZe_Xbb6mxRaU84Jh-jv3_MNIaE7uYDrhgMUwiFpl4YL2M2D0dF5M5EhJ0xkiujkrZEFD4GA8IPmeR8WtobCari6iOi-uYjHzklMNcJ71qTZmUfeENyyLQQxfXZmUq1rMtpYHWu2mQ9L4c2Oft5djfSF-DFeRsiNV1fnCN_D5hINCyqsU9hrdYBmuUkTbS94BVSHr1iSikSHZzI-wP58ABBg7wocNLpyBcSANTP2rOHAg2lejTh15JTBwCpazG0mcNu1oQQo4Z14gUpLyZBHTc1EA4Bi_AB5tKUFnAHthtNqiunHMnZGZVB7SVbU8EHCcTylUm3XFJv7W38bKgUt33gAjWZoC0qGu2UUQ5IHnSQnBqzPC_2eeKXkk-0RoR3nlCVsek2k6_gnScodMfkEQI8VbfYtmgyZpEWiyuMJ3EkUwiHdoLQ78Yte15GzCuUWT4O4QWPtkaDkwLo3Eygtirh99nx_wHljQOdTALUojwcSIfygbWpY4bKz6sf3b5EEMbxJEUpMVN6tXZUYy2hGSx_5Z9jn5QI3iFGjUhRFQKYHIS8-TNRpLdIUEdsJ22iAryypwMvu8pjlBp1Cpx7i_UwUmLNCwHvEK1khSddbKkmhjLZ75_sktxLTpiFFoTWzOFHjudt-Z6JrkRSmmIMV8ixFBygUTtb0SrjXpj3JOj5K41a-Y8esyiOle-5tQiSvODfBq2jnpjxQme2DT-dyrJmDiy21bWqnBRGKJzNLBZUe0U5dTa5pGyXpdgQTj3QMlPgCBCyyRNh6lcgfdNqrRw_SiPuxzfjvg_sOK5RbhVJlEv3U_HGczI0SCItNBcx96h66NP24iL9WKpfCASwiidjBCoQKPfJa4teUTIcAc-QusXjWsR2I28eB17rPuP51D_NR06P6Cma1O0nOFPr9IDPBTOc_5xvI6CR0jS6rH5piJYpaAR0S4b1FpP5HBKR60X7iwkO4TcsvcYDvZFGVLXqrNbhWPWtDwJxJilRGNIxc6WASrBjYpIfhLlpRhoL_I7FtmFKPhupehrwTqsz8DHFj0pk7P7uXKNPA1gbyQHzUuCe2tLhjKeit6rQNxsjzY8QHdaDKRoO0Rh2yEIz43pSLkpg4vu8E92R4t221xchRXW3PNcm5Su9fR_BKCRK871KKc_YJl_Nr9dj0bCQsfPjAkFC1b1MEZL0RFFrdReuhHnv7AoaVB5p-imrnoE3buNLVK3LEQ694FUh-gBsHnN6qW0k9tg_nNW-FyKYVUYHHU0FciV8k7K3RHEC88NJ3_DrI98xO3MHs_abUnPDC2naIxuJ3ifUePZja6njFHg4izp1Rp-3djASEGX2VdnfVVlbn1rqZRmJ0ioMzTYfHOaIVpv-OHWzKC2doo3UGvdTe8J9CkM5-i57tATcee_TbqgOxy760sLpCtgbfmP0OOeS-10wddPxNVSnGpCnMVFN9LbxkWQ9T2ipAW8HfgxjwVnjqoLKvGe2Aqtjqo5v58Q3s5g_UkHg_7PtgjpwjlURgqyXoNNzXxQ8WO5yBmIKmD7qB_VWRiAZfMQkoQ3Ce8xXLQkDKPPiy3EC2pXb5kPTxEJCdtNWWjE6-TLrLHKrQ8A-NbW-MBJxSvQCIfp_DMsjwi3pdS-hY4j_Rl6dOJe91IvRT9HCYCC7CwFtH66J_MwR3Vh_tiprGExzUvJS2P4h_oJF2I6S-I_Rd3W-7wpYV-0wKPSazQq2QIHbUTer6ip_81TpeJchcHr8gwV1dRaVml2PyCSaR7NCCFnXW-63Tk4Lbhoe2scl0RpK9lABGxeeg8EagSUC39jdJMWgrcxiyBv9_nxKpOJeGoWlq56aP4PdnyDWxyEyqiAk9EyTVIMpZIMrQYUddP3CiAGTnDtBF_FX67LRRnYgQDueFjeOPA-l8QRDbWJHDwYqLLx-NpU349wa_S3g_zF5jLNqlXZq35nmnlrRB4VIUD__OFCrTWv6XvxTRicqn9HVNP3yPOET9hFSWRoO36pUlmpzfI1AgbuuwTJKCPQffW7zDRlc64PInnubl9b7qVfazRty9ez0VJyZIJadntidFOJvqkVqWpXCaQ7kEb27kPaZqXQkmV9TjMMT3i6s1k1LOzMYGkZMKE_UZYsUJM__2rnhQhxzN0TJGXqjmwSdZFC6VyBbaJTgOixKfzwfIKudexHJ-pLMgAZMPfNHLrVNl2-QC64knAWYfqzTyP8xXW6MKxxrh1rb08F8jQGyJbR-GY_jctSjaRFMaGFExpWT75-ScCovxubGZCrQ1CDNHeMSA2tEr2KrHWDLfFrmunGN9DbCZuQ7raIRuGIFJAv3vrrYsVCGLAFvmKfXKWiaCRpqerA&cid=CAQSPADICaaNElhtcgyezQN5HyISxYT-AGp1cBP1eE-bzte5wiH8F2kDwH1_ZmURs4mNYaOn8ptI6JCAcPYqrhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffree-calendar.su%2F&ds=l&xdt=1&iif=1&cor=5380812755982129000&adk=250412560&idt=72&cac=0&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 16:29:02 GMT content-encoding br x-content-type-options nosniff age 49510 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11960 x-xss-protection 0 server cafe etag 17132697034905592634 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Nov 2023 16:29:02 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 0D52	41 KB 14 KB	31ms 30ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 20:41:05 GMT content-encoding br x-content-type-options nosniff age 34387 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 03 Nov 2024 20:41:05 GMT
GET DATA	200 OK	truncated / Frame BDC5	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1817eed3cd5afb235a18f31a69ba02d78f799902209b4c85e182a6efea9d88a8 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2E20	1 KB 648 B	30ms 30ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 48467 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 16:46:25 GMT etag 48472445140208031 expires Sun, 05 Nov 2023 16:46:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 0D52	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d83f173cd3a854f0aa2f3956c7b00addb54cebbf23d9d5d855850cc34ba44e7b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame BDC5	0 0	58ms 58ms	Fetch text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C7E2asTJHZeDQPI6rrr4PxZOWsAXDo_OCdPe-pej_Ecim1N2PDhABIPDR_yJg_eiigfADoAHe7fzfAsgBCagDAcgDAqoEzAFP0A_ZzOIzmfjZuv9jpPBJ5jjnnYHnx6m1OFKmPyD3phvzB-_tksRzZAmKECA2V0yvIE5gTp5F_e5Q12f4jYXX03quMxPk9w_iMVHrB0Eceq3IHiQFUJ59V9U4xYMSW8gSP6bJrmqFxmzGJYI9cHpDi_tQRf4TsQwgWXTpXtq_f9Fwg-2Wt1U5KCH0boOPkV0n6tVCeTyg085MhckGl9u7xIwvXNVb9EECbqhHG3eOzOLk3Y11owRN20QYph_5HhcqhM_GncqJXFo-eGLABP-frcTEBIgF6P__skySBQQIBBgBkgUECAUYBKAGEYAHipKDoAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDpnBfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAaIMDCoKCgjktLEC7rWxAtoMEAoKENCq6vfllJy1dxICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItNzA1MjA2ODQ3MTQ4NTQ4NBgA&sigh=xv57qqoG9wI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNCC5UUD7Vexdz_4egJmLxtEpXRXOw1fxumAMV5aE5HbOUJsSlvWoCdiR3DG_sfSZapCR5QnSsozIU_LiWybsrFWOrcYkBNjPIShgB&cbvp=2&vis=1 Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1 Attribution-Reporting-Eligible event-source accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	i.match s.tribalfusion.com/z/ Frame 2E20 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEEk7B-Q53KbDRNAlK5XeF0s&google_cver=1&google_push=AXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81R... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEk7B-Q53KbDRNAlK5XeF0s&google_cver=1&google_push=AXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a8...	43 B 422 B	100ms 93ms	Image image/gif	104.18.24.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEk7B-Q53KbDRNAlK5XeF0s&google_cver=1&google_push=AXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H2 Server 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8212f48a8e4036fa-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 85 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEk7B-Q53KbDRNAlK5XeF0s&google_cver=1&google_push=AXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnEm55ELzCODzmb44--cUt9Q4oWECaNHQMuSLlzdM6a0N6JU1fABxOMWCp0onn_Cwqd7fbHQWEEwiwkkcD5zmr6GBh3a81Rg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8212f489dd8136fa-YYZ alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E20 Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJuI1E_hVOiJpI-R2S_eSUs&google_cver=1&google_push=AXcoOmT_evIvt8YVypTLJkLuf0go7R1XEvIgoBM6k9mbXXHjT7N3JltzI4SllDJNB-iP_8auRziZP... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT_evIvt8YVypTLJkLuf0go7R1XEvIgoBM6k9mbXXHjT7N3JltzI4SllDJNB-iP_8auRziZPDCNOm87DjJTWBrZSPMkrlRQXU0	170 B 188 B	41ms 41ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT_evIvt8YVypTLJkLuf0go7R1XEvIgoBM6k9mbXXHjT7N3JltzI4SllDJNB-iP_8auRziZPDCNOm87DjJTWBrZSPMkrlRQXU0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 05 Nov 2023 06:14:12 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 6661CBFE57104D64A5FECBC0A93B8C3F Ref B: YTO01EDGE0521 Ref C: 2023-11-05T06:14:12Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT_evIvt8YVypTLJkLuf0go7R1XEvIgoBM6k9mbXXHjT7N3JltzI4SllDJNB-iP_8auRziZPDCNOm87DjJTWBrZSPMkrlRQXU0 x-li-proto http/2 content-length 0 x-li-uuid AAYJYaV3XL9TSlnnwYRK+g==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E20 Redirect Chain https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOlExhtszLCtP6ylm546Nqs&google_cver=1&google_push=AXcoOmS17BULfVhbxjsTaMl-obb_oYQo23LZnyL0x51KL9Ll9FfPOd2CjWnFMhf2k2hW2UUG9C7AOKOM8TjV536Hzb... https://match.adsrvr.org/track/cmb/google?google_gid=CAESEOlExhtszLCtP6ylm546Nqs&google_cver=1&google_push=AXcoOmS17BULfVhbxjsTaMl-obb_oYQo23LZnyL0x51KL9Ll9FfPOd2CjWnFMhf2k2hW2UUG9C7AOKOM8TjV536Hzb... https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWFhYzZhODMtZGM4OC00ZWY5LWFhNmEtYzY1MDhjMTMwZDk2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1aac6a83-dc88-4ef9-aa6a-c6508c130d96	170 B 188 B	42ms 41ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWFhYzZhODMtZGM4OC00ZWY5LWFhNmEtYzY1MDhjMTMwZDk2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1aac6a83-dc88-4ef9-aa6a-c6508c130d96 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWFhYzZhODMtZGM4OC00ZWY5LWFhNmEtYzY1MDhjMTMwZDk2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1aac6a83-dc88-4ef9-aa6a-c6508c130d96 date Sun, 05 Nov 2023 06:14:12 GMT server Kestrel content-length 423
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E20 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENqVCLqTZVFKWAdVZpwKx6U&google_cver=1&google_push=AXcoOmTFlwo5OVFLHKg2UPvJtPuNXxmsTaIj0QfmtRdbTb4DsXHu37f6pYe69Bz8S2hbzvIOWgnYKaKAuS866e1rc9T3_xn... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTFlwo5OVFLHKg2UPvJtPuNXxmsTaIj0QfmtRdbTb4DsXHu37f6pYe69Bz8S2hbzvIOWgnYKaKAuS866e1rc9T3_xn5JaR5pLE&google_hm=eS1DR2syZ2s5RTJwRUh...	170 B 188 B	42ms 41ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTFlwo5OVFLHKg2UPvJtPuNXxmsTaIj0QfmtRdbTb4DsXHu37f6pYe69Bz8S2hbzvIOWgnYKaKAuS866e1rc9T3_xn5JaR5pLE&google_hm=eS1DR2syZ2s5RTJwRUhpUGl3Nl9VTVh3SFBtSlFTajhHMH5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 05 Nov 2023 06:14:12 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTFlwo5OVFLHKg2UPvJtPuNXxmsTaIj0QfmtRdbTb4DsXHu37f6pYe69Bz8S2hbzvIOWgnYKaKAuS866e1rc9T3_xn5JaR5pLE&google_hm=eS1DR2syZ2s5RTJwRUhpUGl3Nl9VTVh3SFBtSlFTajhHMH5B content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 2E20	43 B 363 B	91ms 29ms	Image image/gif	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQc9OGa4pYCAv1Kee3J79KQwlRE1VqSBcb5fpNUOWCo4_OVhlp7865lhvde0gT2DpfyvfxpjzJctmiufUKjut-1-yxZbo7inl0&google_gid=CAESEJ0OlH1a-pCIry3kFSGLADM&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:11 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 492723 expires Sun, 05 Nov 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E20 Redirect Chain https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJPG-6SH_Htn98C0mxDnHFw&google_cver=1&google_push=AXcoOmSDBvOcGnR_xoX6IZb_EhcRT-_1ui7BOaJEBfPKDuEU9D0JLyCwu7rj3PLrHJ7mffk7Oypdt2pOKIm3fQ2... https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2VwAK87JF0-JbVkaS1rQFg&google_push=AXcoOmSDBvOcGnR_xoX6IZb_EhcRT-_1ui7BOaJEBfPKDuEU9D0JLyCwu7rj3PLrHJ7mffk7Oypdt2pOKIm3fQ21s7c1-0g9D...	170 B 188 B	42ms 41ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2VwAK87JF0-JbVkaS1rQFg&google_push=AXcoOmSDBvOcGnR_xoX6IZb_EhcRT-_1ui7BOaJEBfPKDuEU9D0JLyCwu7rj3PLrHJ7mffk7Oypdt2pOKIm3fQ21s7c1-0g9DDQ7CCSI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2VwAK87JF0-JbVkaS1rQFg&google_push=AXcoOmSDBvOcGnR_xoX6IZb_EhcRT-_1ui7BOaJEBfPKDuEU9D0JLyCwu7rj3PLrHJ7mffk7Oypdt2pOKIm3fQ21s7c1-0g9DDQ7CCSI Date Sun, 05 Nov 2023 06:14:12 GMT Server Kestrel Connection keep-alive Content-Length 0
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame 2E20 Redirect Chain https://an.yandex.ru/mapuid/google/CAESEKlum7rMd7zp8T7TeFXW-sU?ext-param=AXcoOmTBtCMtwYi4B9Jj6mkNBRj--gktR3Z5zt9Aqj_g7cDKAtsuzeaNOVZD_yqiX-rqeAzxyiCFBryobuCSHTXaK5BMwipHfjaDrHk&partner-tag=yandex_a... https://an.yandex.ru/mapuid/google/CAESEKlum7rMd7zp8T7TeFXW-sU?redir-setuniq=1&ext-param=AXcoOmTBtCMtwYi4B9Jj6mkNBRj--gktR3Z5zt9Aqj_g7cDKAtsuzeaNOVZD_yqiX-rqeAzxyiCFBryobuCSHTXaK5BMwipHfjaDrHk&part... https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKlum7rMd7zp8T7TeFXW-sU&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 144 B	159ms 158ms	Image image/gif	77.88.21.90 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Protocol H2 Server 77.88.21.90 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS bs.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:13 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 18 Apr 2001 10:28:03 GMT content-type image/gif p3p CP="NOI DEVa TAIa OUR BUS UNI STA" timing-allow-origin * x-xss-protection 1; mode=block expires Sun, 20 Oct 2024 06:14:13 GMT Redirect headers pragma no-cache date Sun, 05 Nov 2023 06:14:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://an.yandex.ru/resource/spacer.gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 2E20	0 12 B	39ms 38ms	Image text/html	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lw65LpG_U_LZPS5OLNOtUViY9hhcWY7Z4OyjgbFvbRMTzaiiROitVNREaL1H3BgasUzA0eDCY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:12 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	48ms 48ms	Image text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=630709843855693&bg=!Tk2lTQLNAAb4oU7C2KE7ADQBe5WfOFipFaUDKHlZYSikGpNT5VXsr7AezzHA_tf6NOvve2_o2OW8k7iCJF2PyC3_bKmXAgAAALtSAAAACWgBB5kC8oGD7cShVeYmWOZ48Brf1uPPykVZzuNKB0qySHKR2l8Gigj0U4AKROVRsSyJQYk0wuaX6MiXx93c94pECXKcW0a9S3eqt0GoQOxF9mF3P0XS_NVAnewqrcaWAx0YhIZN_wzAb1AQoU206ayNj0jAZP13jRnw7z02WdnWA03EiShww5ZhRrn0YsuT-zGI61Zzcv3-5vmHWR8AVJq14wgXT8d8cflErd1jjPBxpzMOVXT7J85_A07pOeDiRk1Vmyu0AfMjMvIg6VR6ta5p8XNCs3WrVC_8M39a-pZqEwuyv8gK6vBkzRN7kozAU9Wdvod6xM9B6C_UWD8vdUgRtr93G1qpvohdaV1uwBtzz0pk3oPwBEl-ks5SmS5YwHRD03VIFJ7jx3EAutJQuBiaIUly18Y9Z4LdI_keB2hvh1-XD1FMsKoSQXvgv_-BjrXVLBZl-vIV0wNs-mSV4koh1L0JzMj62p0ZWz-s9Grid10y_psuE_maKr9DExNWnTLFzdBG1DONbxnl7kMpNaejDYAaNPYzglyAR8AoFCKIK8dJpmOvTN1YADQai8uPd_wGOoHD75dsPjJlkO0N3_lZwP0HWSg92gVhAKYOMEC56Fz8wzAC3MqCOqHK5doFNSz7JkZG8DnVq4PYGm4P01bzHeuA6-sV6cgsKVdFF9C7GSYXX6S9I_YvYEqc58ygo_cZThmU3G0fJWwZpGAWFneXnaT06p5m_kM2orfAGDyoy3dd6U0F3A7zZLrBjFo-FkMPgVphnZVSPNTMLIZpZ4Xxw05rkiOYUYgt257DKnHzOgyOzpS80NXuPptSHAPf1zjn7qcyCVPFZ1MW6i-SQXTa3xokL5J4ayoXO1-HMKcJV1qoBuvF3oUvxFKkYUDs-_mRTty2HMBNnXcSpf4YaPfFSNlV6k7Y3Y0W1JwrJwFx2uL2Rvt3a1GHqyObkFsBZwNGbujpFbNE2LUWVH_n2giKNpDxjXu36gAUns2-ZxGrlt6xwCrpHw8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://free-calendar.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 3A9B	38 KB 13 KB	31ms 30ms	Document text/html	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 34380 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 20:41:12 GMT expires Sun, 03 Nov 2024 20:41:12 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/10629876527944820658/ Frame 38BA	19 KB 3 KB	89ms 30ms	Document text/html	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash dcc768c1a6accb5f6db086df6045faf9f2c415b7d345c83b614d06e8e8c76952 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 166713 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 3549 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 07:55:39 GMT expires Sat, 02 Nov 2024 07:55:39 GMT last-modified Mon, 19 Jun 2023 07:33:42 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0D52	0 0	118ms 57ms	Fetch image/gif	142.251.111.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1UpqT5hVTU400d14-JUA8S5FZ7kyDTq0zzqkrE51Py5J10Cd9qdyuSR3PaI7qeZfbVK6xm2NGwW4xUNrlwId2N-kFbES2yp3yLx8ljxaf7NFWNyYZpgPILdJaCugsRnnbez8tcMZtJCLQwQ2VGo31V0KGaRXhwbvcsWWgSN-e6JSH2C1phLweTR6y-DM98NmILMWaH5yJWTlSGJ4NRWYBzw_yvkSQRRCS31j__Eex8z-wrOVP_u8vdzUO_NebkmkMqdRCLO6lu4ybntnLnDH9evUk9IGAgEHW-zDzqX93hBC_A43eD64acc8SUA4svQte65UWvHaaH8ebPdzrEJpLqnVTFZthv7r_FQgocybFfgWegalcoIvXo-O9Rtcw9O7vcKJmF9w74wTiYdPkhBaGKX2uHXJ8EE1MWOOpqeEd-KltTqsHktQU-dgUNSFALjZUnldVgZncLKasdz4Uvf187EuV5OfoxVQyasH8w2wauzXg_P-FGzyvA_J-tiVnF1rtF_XwYpqAq2KHkkORwPluR2tLb-zgw32KkeBZYKJKHHmCWnyIUwUFocbs2TVjyqd2J0gdGT71cSIafdiEije_4UB9lCyJNhQRRjNr3myb3Kbqi23TmWdVfSgleWruM8YT-vAyR4Tb0FmiwNluszityMRE4Pj53xdiXCBzo4FwDZI6NUI-w9_qhtAoX2Jvnylr_dDGPzxlcv-OrI4Ai2p-7CK5yo-49wBKY_Pl28J64gu630lDWbZcNChFdchGdnhx4m9sQM0rcpaELfx50sExQln-cAhwI_1XadhWkvr0-Sa_rZxXyAKepduTxjrsDl-_ZIVXSLsYW2asr-7wBtolUCAiODMWnBeXbwuN1yArrNot25NdaP1BCb_s31XqLJBZTASLECIeWkpVDibAKhFI2mJWAWADCYg9Wufu4ilQtEeTZEghhCbMIej0pfwj1rpZ3WL_i_HTfQUT0zIkTKzcG9jNHJ5nY-iddaPVBT2inxmddB-ey-wnT6CvqpF8cwhIZFnDaxCBtUZ85bGaesYmK5JuSf-Prx8fxLH6vxLUXZlogN1NxKXW-B2jJUImeuAC9sIgeOVLMeluz9vkX0rS1rj_Uq119a6bvcUI0yKkq_GouJp8Z6QhAhM09ndTUFiZ-pprqPAOQS9MsigVR851NQl99sXPHuUinDaRhJybB6tQsHCfjRjwIe_zT7oLiuM7hbdYHQZXfF0uiya73XtxHFPYln52eqArOp9yyFdnpaU1ZGUWIevFbeAuckLiuNqgSzcO6RMi4efbYJF9iBVYPabKWAWEUzlhaToJ5UYV8pNLPwybv1_c15saEw9q&sai=AMfl-YRvnmE8rG_MvKklyDCDu-iHIJ-TXKns2oI65MgHGtFLBfHn0vaosZ3KGM0y8H45H6hX2yusUy_M9Miof2x_zh82FymaO9hjrEWId7Zaahlyye23my1PiM3lbeYcgdFJNj1t3QegCwKEHLMhrvtlzq8r7MptktXS5ZuvmoqQ57oqWG2mRX5TpMbpMWvzGK2nRiUkg9zZnY_zcCzLI2ZLPzf4447WeCPBGp6GwIHQrYbnBP7FhREMT3SL8qP-IXkuZVxeZIhW2eRuDv8IK_4Qcahym5J0inw&sig=Cg0ArKJSzKu-xcVTyXgwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=150&cbvp=1&cstd=147&cisv=r20231101.49607&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 3A9B	38 KB 15 KB	30ms 30ms	Script text/javascript	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 16:40:40 GMT content-encoding br x-content-type-options nosniff age 48812 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 03 Nov 2024 16:40:40 GMT
GET H3	200	e2adbf0136bb37445413bb62696da59d.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	2 KB 962 B	34ms 33ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/e2adbf0136bb37445413bb62696da59d.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 847962d143e3bb155e6c0e401a7d4bf79c170cb13ff3370237d122e1969b56d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 04:07:56 GMT content-encoding gzip x-content-type-options nosniff age 266776 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 933 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 01 Nov 2024 04:07:56 GMT
GET H3	200	69ef4ffe0602d1bbe7a4cf3ff6685cb8.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	950 B 505 B	31ms 30ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/69ef4ffe0602d1bbe7a4cf3ff6685cb8.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 3158f054828b89e4a9cbd1697361acde78a895f2dee5343751c561653d7f39ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 04:07:56 GMT content-encoding gzip x-content-type-options nosniff age 266776 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 476 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 01 Nov 2024 04:07:56 GMT
GET H3	200	c6edf37350353591f0f2491945418b2c.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	9 KB 2 KB	33ms 32ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/c6edf37350353591f0f2491945418b2c.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash eaa056b0bb77527586cf257c1c32fdeaf8b211adb8a466bbda47b4bae0f55fa8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 17:46:18 GMT content-encoding gzip x-content-type-options nosniff age 217674 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2400 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 01 Nov 2024 17:46:18 GMT
GET H3	200	c21c10aaa69ac2ac530d28f0e3ee3e3f.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	9 KB 3 KB	32ms 31ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/c21c10aaa69ac2ac530d28f0e3ee3e3f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash cc477d9e4e7f2cde5ec97ce7819d096e1b0339a4af63365041b80c6d2b78019c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 04:07:56 GMT content-encoding gzip x-content-type-options nosniff age 266776 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3475 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 01 Nov 2024 04:07:56 GMT
GET H3	200	b92ffada833953407602501f3a0ed6c7.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	11 KB 3 KB	31ms 30ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/b92ffada833953407602501f3a0ed6c7.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 03e7f927cdf4d96f40fab8974a5cb7f8dfd27fe8bf0a3d0e25873aac0b1da2f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 04:07:56 GMT content-encoding gzip x-content-type-options nosniff age 266776 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2892 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 01 Nov 2024 04:07:56 GMT
GET H3	200	c18c9ef3f4a66881fd0b9d972c539694.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	698 B 388 B	45ms 44ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/c18c9ef3f4a66881fd0b9d972c539694.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash eec0aa6e1a8cea285f74f4cfe104cbe499f0ca30aeed45906fa565cc1ea94f0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 01:13:47 GMT content-encoding gzip x-content-type-options nosniff age 190825 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 359 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 02 Nov 2024 01:13:47 GMT
GET H3	200	9e0edfea37df54e88b2eead12923d51b.jpg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	67 KB 67 KB	33ms 32ms	Image image/jpeg	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/9e0edfea37df54e88b2eead12923d51b.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 44ef4b9d849377d7d166dc8ddf549e24ea10a05925c99e484019f1df809f6ffc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 23:47:19 GMT x-content-type-options nosniff age 23213 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68429 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 03 Nov 2024 23:47:19 GMT
GET H3	200	e0c2552c3a334e8781dd633817bbe140.svg s0.2mdn.net/sadbundle/10629876527944820658/images/ Frame 38BA	284 B 231 B	75ms 74ms	Image image/svg+xml	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10629876527944820658/images/e0c2552c3a334e8781dd633817bbe140.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash d135cfbff708eeab740dadf77e4839cf887de697824dc11e770eda824064eb1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/10629876527944820658/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 04:07:56 GMT content-encoding gzip x-content-type-options nosniff age 266776 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 202 x-xss-protection 0 last-modified Mon, 19 Jun 2023 07:33:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 01 Nov 2024 04:07:56 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3A9B	0 20 B	49ms 48ms	Image image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQWEJtDJHZdOJIMHYoPwPmPWtsAwAAAAAOAHgBAI&bg=!4-Cl4K_NAAb4oU7C2KE7ADQBe5WfOHcMVfZZDZqMPKEw6sB5zVQ_-V1pmeQgcTd-1fjsobnGNsP4M28x8vbeOgTCZc1GAgAAAEpSAAAABGgBB5kDMm5ZIyLayeiHRY2kI0LT_von9DZ2K53-RH0Sm781E7e3s099T4VJemaFWeVko34Jv160GxZ4_BK8_cOq8rkmkt_XELMHEWCVZNBFwuEm-KrJg1hJzcZsvK5ZsA60ctJKabJFDuSIfaesyqi2Uiq3OifkPb_Rr8DkFsq8lbJuDqn-OsNsbWx3MpmDY9bCZJeXH6Kw8It8Re433pe5tMCm2RXSw0Xzsda7MVJraoBA54QWY4YQ8aarCvGvW1WnBij0rHwrcYDwAtcZoCg4uPVSQawexOGUscFpcvH0iB5OTbctvsLF2h_NQMesqZZSbkOzo7gKWUQn8YHhUmoYD8PXJy3ZL4WHLjq3OVb44ozQQhqURs8aYggUaL1dBdWp6USCOZap52FI3EJsRw6XI1rIR4LDXLaG-ePcbL6dMJIAnROKQy3GEcXVizMHuPXBjqt2OB7XTSucdOqEy4tmVkGix2wCSzDWrE2Sh89sNb7Eb1M1PinPV5QPbNupTNixazss2D2lvTzwO0BIinMdHoBXb3f6gP6DftKzXpABztb6lVkbaihijNtUWWXJFxKTJEgGG8VfF1DluwIGJbSmkS0IKZfuYM_Y8sOINeTyxKRMviS2x4F8S6FpyTQGykK2hhDbLtoL-jnRprfqjrl3M8RRHThuMaBZ7FV179_CHP_0fD5gBuytKP0hvd_ctT8tzoQ0wLqgssTv9pgLJpLE-IKI9j4l-yEU-RZhfQC5gBrpMugIsFYpka1DUlokxn-1Cgfmoz5npS3lGiRDEvLfF2CFXyYIGc9SJBtX8HES_SKUqY948DiHjWmyPly-MqsTVZqxK-YcNSGKn1hSulvTif1FJ_tW7XWk8OnhzjCR2E19DnfBmYetYgaBE4mCHXX0Ho0j4YffmmnQCT8v_WN6hwS3C52xv_y4lpkg4Hy2m8a-V9JCoMgL_Lkh2fQGP2y-J281-Kxyjb4pAkakh8X6F5T41LzSO7BiIlkVZ57ZiChz39Edft-pwp6kUzSUQCQ0aVhFUmQKxhcoDoFCq9D2I3KmwLMb4q7Mij5jbcKkvuaodGbqU_fprQlvqwOUNZ9_BEhfQQss Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052068471485484&output=html&h=280&adk=1321038387&adf=3878213530&pi=t.aa~a.2203647317~rp.1&w=650&fwrn=4&fwrnh=100&lmt=1699164851&rafmt=1&to=qs&pwprc=6709849917&format=650x280&url=https%3A%2F%2Ffree-calendar.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699164851432&bpp=2&bdt=2161&idt=2&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db17b1e5f42c0044c%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbCxRyrFQLmcobPCD09SW47y896wg&gpic=UID%3D00000d9fa844f984%3AT%3D1699164849%3ART%3D1699164849%3AS%3DALNI_MbZ1nqsXHiFQmT7PVzcVu3ZkgPVxw&prev_fmts=0x0%2C450x450&nras=2&correlator=3696461174713&frm=20&pv=1&ga_vid=89398363.1699164850&ga_sid=1699164850&ga_hid=1562858946&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079347%2C42531706%2C44801484%2C44807048%2C44807334%2C44807454%2C31078297%2C31079356%2C31079382%2C44800658&oid=2&psts=AOrYGslIXci29mrjCqty1iJtgtXh-1ofOmTKRT5Ynwiodod5aUJs_JiJ_NPptAZudHTvIt_bR_E1WwDxq7RrQK8&pvsid=630709843855693&tmod=1641471009&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ag5okJU7ZW&p=https%3A//free-calendar.su&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0D52	0 0	47ms 46ms	Fetch image/gif	142.251.111.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1UpqT5hVTU400d14-JUA8S5FZ7kyDTq0zzqkrE51Py5J10Cd9qdyuSR3PaI7qeZfbVK6xm2NGwW4xUNrlwId2N-kFbES2yp3yLx8ljxaf7NFWNyYZpgPILdJaCugsRnnbez8tcMZtJCLQwQ2VGo31V0KGaRXhwbvcsWWgSN-e6JSH2C1phLweTR6y-DM98NmILMWaH5yJWTlSGJ4NRWYBzw_yvkSQRRCS31j__Eex8z-wrOVP_u8vdzUO_NebkmkMqdRCLO6lu4ybntnLnDH9evUk9IGAgEHW-zDzqX93hBC_A43eD64acc8SUA4svQte65UWvHaaH8ebPdzrEJpLqnVTFZthv7r_FQgocybFfgWegalcoIvXo-O9Rtcw9O7vcKJmF9w74wTiYdPkhBaGKX2uHXJ8EE1MWOOpqeEd-KltTqsHktQU-dgUNSFALjZUnldVgZncLKasdz4Uvf187EuV5OfoxVQyasH8w2wauzXg_P-FGzyvA_J-tiVnF1rtF_XwYpqAq2KHkkORwPluR2tLb-zgw32KkeBZYKJKHHmCWnyIUwUFocbs2TVjyqd2J0gdGT71cSIafdiEije_4UB9lCyJNhQRRjNr3myb3Kbqi23TmWdVfSgleWruM8YT-vAyR4Tb0FmiwNluszityMRE4Pj53xdiXCBzo4FwDZI6NUI-w9_qhtAoX2Jvnylr_dDGPzxlcv-OrI4Ai2p-7CK5yo-49wBKY_Pl28J64gu630lDWbZcNChFdchGdnhx4m9sQM0rcpaELfx50sExQln-cAhwI_1XadhWkvr0-Sa_rZxXyAKepduTxjrsDl-_ZIVXSLsYW2asr-7wBtolUCAiODMWnBeXbwuN1yArrNot25NdaP1BCb_s31XqLJBZTASLECIeWkpVDibAKhFI2mJWAWADCYg9Wufu4ilQtEeTZEghhCbMIej0pfwj1rpZ3WL_i_HTfQUT0zIkTKzcG9jNHJ5nY-iddaPVBT2inxmddB-ey-wnT6CvqpF8cwhIZFnDaxCBtUZ85bGaesYmK5JuSf-Prx8fxLH6vxLUXZlogN1NxKXW-B2jJUImeuAC9sIgeOVLMeluz9vkX0rS1rj_Uq119a6bvcUI0yKkq_GouJp8Z6QhAhM09ndTUFiZ-pprqPAOQS9MsigVR851NQl99sXPHuUinDaRhJybB6tQsHCfjRjwIe_zT7oLiuM7hbdYHQZXfF0uiya73XtxHFPYln52eqArOp9yyFdnpaU1ZGUWIevFbeAuckLiuNqgSzcO6RMi4efbYJF9iBVYPabKWAWEUzlhaToJ5UYV8pNLPwybv1_c15saEw9q&sai=AMfl-YRvnmE8rG_MvKklyDCDu-iHIJ-TXKns2oI65MgHGtFLBfHn0vaosZ3KGM0y8H45H6hX2yusUy_M9Miof2x_zh82FymaO9hjrEWId7Zaahlyye23my1PiM3lbeYcgdFJNj1t3QegCwKEHLMhrvtlzq8r7MptktXS5ZuvmoqQ57oqWG2mRX5TpMbpMWvzGK2nRiUkg9zZnY_zcCzLI2ZLPzf4447WeCPBGp6GwIHQrYbnBP7FhREMT3SL8qP-IXkuZVxeZIhW2eRuDv8IK_4Qcahym5J0inw&sig=Cg0ArKJSzKu-xcVTyXgwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=329&vt=11&dtpt=179&dett=3&cstd=147&cisv=r20231101.49607&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: free-calendar.su URL: https://free-calendar.su/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 06:14:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame BDC5	42 B 64 B	48ms 47ms	Fetch image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaeBpCVJPGNzNoYcA9e-vddECdUrgxFo_BHux0x8-M0BJUpJPXvT2rep5nljDVYr8daAq-tZZg6DzeyuLTDT1bqdZ7MgqMQNlC5vYgs8S6U1cC7HZv4j0yuYhZz4uWSBkVX1J7jYjagg&sai=AMfl-YTFLdtpAn0Klqz9WxTXVRSJZOtlPDd8bcmwlYECAh20e8jOUCiTcM7RvYfFARNZ6QVfU0X3r2G9AKiQPhuoMOtkgeuznsC8Xfw17OYgseFM6wi8lqywBCVWMJIw0zfD99LRZlwsO6kB7qBIu02o&sig=Cg0ArKJSzG5Djn0czHlaEAE&cid=CAQSTgDICaaNCC5UUD7Vexdz_4egJmLxtEpXRXOw1fxumAMV5aE5HbOUJsSlvWoCdiR3DG_sfSZapCR5QnSsozIU_LiWybsrFWOrcYkBNjPIShgB&id=lidar2&mcvt=1000&p=-1,1,123.265625,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699164851520&rpt=1183&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:13 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0D52	0 25 B	45ms 44ms	Ping image/gif	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6586303909597&version=m202309260101&ct=76&x=1&cor=5380812755982129000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Sun, 05 Nov 2023 06:14:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT