www.fakemail.net Open in urlscan Pro
149.56.134.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fakemail.net/
Submission: On August 08 via manual (August 8th 2023, 4:01:16 pm UTC) from CR — Scanned from CA

Summary HTTP 132 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 132 HTTP transactions. The main IP is 149.56.134.162, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.fakemail.net.
TLS certificate: Issued by R3 on June 15th 2023. Valid for: 3 months.

This is the only time www.fakemail.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	149.56.134.162 149.56.134.162	16276 (OVH) (OVH)
1	3.131.10.225 3.131.10.225	16509 (AMAZON-02) (AMAZON-02)
3 34	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
6	172.217.13.202 172.217.13.202	15169 (GOOGLE) (GOOGLE)
3	185.217.69.108 185.217.69.108	9009 (M247) (M247)
2	172.217.13.104 172.217.13.104	15169 (GOOGLE) (GOOGLE)
7	172.217.13.99 172.217.13.99	15169 (GOOGLE) (GOOGLE)
3	142.250.64.78 142.250.64.78	15169 (GOOGLE) (GOOGLE)
2	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
23	172.217.13.129 172.217.13.129	15169 (GOOGLE) (GOOGLE)
4	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
6	172.217.13.131 172.217.13.131	15169 (GOOGLE) (GOOGLE)
16	172.217.13.174 172.217.13.174	15169 (GOOGLE) (GOOGLE)
1 7	172.217.13.132 172.217.13.132	15169 (GOOGLE) (GOOGLE)
2	172.217.13.97 172.217.13.97	15169 (GOOGLE) (GOOGLE)
132	16

19 149.56.134.162 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: vps-4adfcc27.vps.ovh.ca

www.fakemail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.10.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-10-225.us-east-2.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 172.217.13.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.217.69.108 (Bucharest, Romania)

ASN9009 (M247, RO)

fdn.r.worldssl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.104 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.13.99 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.64.78 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.13.129 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.13.174 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.13.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.97 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f1.1e100.net

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	474 KB
23	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724 www.google.com — Cisco Umbrella Rank: 3	172 KB
19	fakemail.net www.fakemail.net	191 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	229 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	172 KB
8	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192 www.googleadservices.com — Cisco Umbrella Rank: 166	914 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	6 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	225 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	21 KB
3	worldssl.net fdn.r.worldssl.net	33 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 8585	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	142 KB
1	escalated.io tag.escalated.io — Cisco Umbrella Rank: 57220	33 KB
132	13

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	www.fakemail.net	www.fakemail.net
17	pagead2.googlesyndication.com	www.fakemail.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.google.com	1 redirects pagead2.googlesyndication.com www.google.com tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	www.googleadservices.com	www.fakemail.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	www.fakemail.net googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fdn.r.worldssl.net	www.fakemail.net
2	afs.googleusercontent.com	www.google.com
2	partner.googleadservices.com	pagead2.googlesyndication.com www.google.com
2	www.googletagmanager.com	www.fakemail.net www.googletagmanager.com
1	tag.escalated.io	www.fakemail.net tag.escalated.io
132	17

This site contains links to these domains. Also see Links.

Domain
www.minuteinbox.com
www.disposablemail.com
www.tempmailinbox.com
www.sendtransfer.com
www.plustransfer.com
www.bigtransfer.com
www.shortlink.net
stuffboxnews.com

Subject Issuer	Validity	Valid
fakemail.net R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.escalated.io Amazon RSA 2048 M01	`2023-04-24` - `2024-05-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.r.worldssl.net R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.fakemail.net/
Frame ID: 49AABE2D01015A41E985C925570BA76E
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html
Frame ID: 256A84C1AAD2DAC0DAAD778D81E3C6DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&adk=1812271804&adf=3025194257&lmt=1691510467&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fwww.fakemail.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466871&bpp=6&bdt=296&idt=488&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1861054693195&frm=20&pv=2&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=522
Frame ID: 2A8E48F7A547B79E84E0F356253B4E11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=280&slotname=1929361169&adk=3137817833&adf=1119259538&pi=t.ma~as.1929361169&w=336&fwrn=4&fwrnh=100&lmt=1691510467&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.fakemail.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466881&bpp=1&bdt=306&idt=518&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gITeVrGwQK&p=https%3A//www.fakemail.net&dtd=523
Frame ID: 8DD056C2929BCBE83821914C8F15B3E5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437
Frame ID: F0F39556E3A1703A3126499696713B99
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=242698952&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510467052&bpp=1&bdt=477&idt=369&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C728x90&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=g0AagqKqQI&p=https%3A//www.fakemail.net&dtd=393
Frame ID: CA483012443CA621A049B7B43155ADB5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6132749423B41D824F9DEB3A4A53DF3C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Frame ID: 62DDD3144A330F9360F4FE5CE5BC9018
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-c7531fda0e8403105&fexp=44786015%2C21404%2C17300003%2C17301293%2C17301321%2C17301323&iab_gdprApplies=false&client=pub-7740240375137244&r=m&hl=en&cpp=5&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=3771691510468464&num=0&output=afd_ads&domain_name=www.fakemail.net&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1691510468465&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=732&frm=0&cl=552777282&uio=-&cont=autors-container-0&jsid=csa&jsv=552777282&rurl=https%3A%2F%2Fwww.fakemail.net%2F&adbw=master-1%3A0
Frame ID: 98D74EBE66E70AE7500A72DDC7CD126E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: B9C75EC948F7365D9FBDB9CD26956F9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: B270B1ABC6E74CD57C2FB7062827751F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 9DD567742FE4145A25DA306AD18BDBC5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1BE82F9263658BDB0E5CB3181D774B66
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 3236C7AAF58489BF60C65160AF7AE591
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2347B2136AE3D6BCA879CE3E3CD86FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CED44C810EF9F2A1E027460B34AD1648
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FakeMail | Temp Mail Addresses

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

132
Requests

97 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

1700 kB
Transfer

4404 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.minuteinbox.com/
Title: MinuteInbox

Search URL Search Domain Scan URL

URL: https://www.disposablemail.com/
Title: DisposableMail

Search URL Search Domain Scan URL

URL: https://www.tempmailinbox.com/
Title: TempMailInbox

Search URL Search Domain Scan URL

URL: https://www.sendtransfer.com/
Title: SendTransfer

Search URL Search Domain Scan URL

URL: https://www.plustransfer.com/
Title: PlusTransfer

Search URL Search Domain Scan URL

URL: https://www.bigtransfer.com/
Title: BigTransfer

Search URL Search Domain Scan URL

URL: https://www.shortlink.net/
Title: ShortLink

Search URL Search Domain Scan URL

URL: http://stuffboxnews.com/top-5-things-you-should-know-about-online-privacy/
Title: StuffboxNews - Top 5 things you should know about online privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://googleads.g.doubleclick.net/pagead/adview?ai=CHk-Iw2bSZJ_kG4H6zLUP-IOOuAXg2OaLcvj2qO7_EJz-j9DpMBABIMi8iyZg_aCZgegDoAHp_fXPA8gBCagDAcgDywSqBMcBT9DYONGAJoVnnEgPtZjVI2bwNB10HNtTvR4yesADZWXCMyP1geZHdUfcJ6PMz53hST_647OhZnZPG8jg0VOrZEb48t3ZQK4yS5-p3ouq9XCu9HMsIjHqBXhAKwLisktof4abdA_KGZbnc5w36gsuNomIG_yV7MQZ4DTTLrp5oHMs_m7yqfS3RyGPOSedl1KF8YqkORmsRGRcB-aqt7Ciq4q6D4O3WJrqQY2pbODF_0gv5UqVokpjAqoW5tPvKNpAOf4VUZ0hP8AEhIPdnKUEkgUECAQYAZIFBAgFGASgBi6AB7b9uooDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ7YcG0ggUCIBhEAEYHzICigI6AoBASL39wTqaCTtodHRwczovL3NlYXJjaGZhdm9yaXRlcy5uZXQvaW5kZXgucGhwP3JnaWQ9NTExMTI5JnN1Yj1nY2xpZIAKAcgLAaIMCCoGCgTDsLEC2gwRCgsQ0OaJobP2xo2LARICAQO4E-QD2BMMiBQB0BUBgBcBshccChoIABIUcHViLTc3NDAyNDAzNzUxMzcyNDQYAA&sigh=dqloUqJg-h4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWucWxVMTD9_rIoUx2GLQDqc1Oz3IY0RgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe2a34d3aec7245840000000000000000%22,%222%22:%220xd616ae82031775840000000000000000%22,%225%22:%220x54a0f92c54ac0a140000000000000000%22},%22debug_key%22:%224485058309094797155%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221073158293096937121%22}&andc=true

Request Chain 99

https://googleads.g.doubleclick.net/pagead/adview?ai=CuwF3w2bSZIPRHMDhj-8Pqo29wAuE0sSBcvSr4ZH9EcCNtwEQASDIvIsmYP2gmYHoA6AB8KDc3APIAQGpApSgtuOO96g-qAMByAPLBKoExAFP0JWySCiIc_FIcBvX6ScdSIBpNC37ZuiJeEf-HOn6q5jlW3l9S062IX1wa3-rYqt990pO-3qihh-9pwDg3_KNyMiWu6Z7JvyznXlqfkZfDMH5R5tEZiY3CdAVidRKLD1gvTVTsXZDvq2XEglZH9ALrVPlPbiRWEWVb9aSDAP6wPidsnxQ3hu9QJ2VUyr-r9ITaNBlE2D-qq5GJwCgniRJAtnFqG2YmiMlxes0uEtLwL9XB5vz0TWCHtDUuD487h0RiCzcwATa9p3XnQSAB_jeoyOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCRvQPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJFmh0dHBzOi8vc2hvcC5kbGluay5jYS-ACgHICwGiDAgqBgoEw7CxAtoMEQoLEICb_cfnzri22QESAgED2BMDiBQE0BUBmBYBgBcBshccChoIABIUcHViLTc3NDAyNDAzNzUxMzcyNDQYAA&sigh=MpXHBpx_6Qc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWRFi6-wuIvqOpRz7j1YR9iR2Sp2so4hgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62fa357a79bae0000000000000000%22},%22debug_key%22:%222007874801674662986%22,%22debug_reporting%22:true,%22destination%22:%22https://dlink.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999755888%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217178141095893762625%22}&andc=true

Request Chain 100

https://googleads.g.doubleclick.net/pagead/adview?ai=CfBpFw2bSZJPfHqfR0_wPzfuviAyE0sSBcvSr4ZH9EcCNtwEQASDIvIsmYP2gmYHoA6AB8KDc3APIAQmpAu87QFuYC6k-qAMByAPLBKoExAFP0Nj5rtqyhcnFqRPVpTluSsALpNL4OBBRZtRDae15VefmZF7In-U6XgeILQ7vLf58HN8T9Ef0TNWC_JmTryhaD9v82QSXR5XWcYOZRJXba9wNW1hE9TW4PS-ejLRjhwlpWnlG2yqbVwHoCXDyoXWZ1GUklc0czM5OmXVMvFxwZ0GYVPZrw715ONzGgN8lqhHQvVUMhcQqXdAGqdhk6j6w9raC9Nrj4QX8C3jUMN4Wp-ET8OrYm_QhBcZFrhYSTqEkkON1wATa9p3XnQSgBi6AB_jeoyOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCCiAXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJFmh0dHBzOi8vc2hvcC5kbGluay5jYS-ACgHICwGiDAgqBgoEw7CxAtoMEAoKEJDV9YL9n4fbAhICAQPYEwOIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNzc0MDI0MDM3NTEzNzI0NBgA&sigh=mJZzLtMpmms&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWxJyIxeA6jWZLlFUHWsIkFfvnh8ocDxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62fa357a79bae0000000000000000%22},%22debug_key%22:%229478758360413305206%22,%22debug_reporting%22:true,%22destination%22:%22https://dlink.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999755888%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217147313588355411281%22}&andc=true

132 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.fakemail.net/ 29 KB
9 KB 225ms
44ms Document
text/html 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

28486ccf716b9c2cfaee71d3d379894761fc2312131acee4bdb71d639357a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8612
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 16:01:06 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.56 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 76 KB
33 KB 209ms
67ms Script
application/javascript 3.131.10.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.escalated.io/?i=XAOUx5wmIJbJOF3
Requested by: Host: www.fakemail.net
URL: https://www.fakemail.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.131.10.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-10-225.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: df4acba18ca9890f91ffb3945d31079bc2cd527ac59eefef5dfa28570c538e7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 19:03:48 GMT
Server: nginx
ETag: W/"645bea94-1319b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 178ms
72ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7740240375137244

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

34159cf783ab2cf66f6e783c51da28a8a6364a1a7afd5858c9a13998b5c48c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Origin: https://www.fakemail.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50627
x-xss-protection: 0
server: cafe
etag: 1049522689789176788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
963 B 164ms
66ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Henny+Penny|Libre+Franklin&display=swap

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

b63c93cd3409f8d42f976526faf2c9a584bc2afebeb01d3980f3f0c8b2bce867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:01:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 16:01:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:01:06 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
fdn.r.worldssl.net/fonts/ 18 KB
18 KB 207ms
74ms Font
application/font-woff2 185.217.69.108
M247

General

Check archive.org

Show headers Download Go to

Full URL

https://fdn.r.worldssl.net/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.217.69.108 Bucharest, Romania, ASN9009 (M247, RO),

Reverse DNS

Software

nginx /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Thu, 20 Apr 2023 06:23:47 GMT
server: nginx
x-edge-location: New York, US
vary: Accept-Encoding
x-cache: STALE
content-type: application/font-woff2
access-control-allow-origin: *
x-edge-ip: 185.217.69.108
x-age: 6810625
accept-ranges: bytes
content-length: 18028
x-storage: 717086628:8001

GET
H/1.1 200
OK bootstrap.minimal.css
www.fakemail.net/css/ 118 KB
20 KB 41ms
41ms Stylesheet
text/css 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/css/bootstrap.minimal.css?time=270920190711

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

e1de83b8d7ec973176be5d91ce8274f7e6f4b98cea725bf47932989068a6d687

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19756

GET
H/1.1 200
OK bootstrap.vertical-tabs.min.css
www.fakemail.net/css/ 2 KB
974 B 84ms
33ms Stylesheet
text/css 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/css/bootstrap.vertical-tabs.min.css

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

0749708d0d2ea1a694e6469aeb6c5b285ec7a47fa58d15d24c99b93fd3c1c68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 533

GET
H/1.1 200
OK styles.css
www.fakemail.net/css/ 11 KB
3 KB 103ms
34ms Stylesheet
text/css 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/css/styles.css?time=270920190711

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

2969fa3ecdbf9382009c1cdee8ca2584611c657bba25c9bc0ee5d7f54e6b3680

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2552

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 200ms
81ms Script
application/javascript 172.217.13.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46883802-16

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

46516e714e14aef3a9e91a6b0543d6e8fd399f2f7a5197ce4c1c34ce80a65c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66537
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:17:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 16:01:06 GMT

GET
H/1.1 200
OK fake-email-address.png
www.fakemail.net/img/ 29 KB
29 KB 38ms
38ms Image
image/png 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fakemail.net/img/fake-email-address.png

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

54f2fd717a7364aea28e73cc869b8474a461fa5ec1f92f6b8930cc2d7744ab59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Apr 2023 20:10:23 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 29715

GET
H/1.1 200
OK fake-mail.png
www.fakemail.net/img/ 6 KB
6 KB 35ms
34ms Image
image/png 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fakemail.net/img/fake-mail.png

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

f9dec9c0ebfe4cf814bc37b0fee3177fb6df635f224360d7050b8e9dea27795f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5940

GET
H2 200 fake-mail.png
fdn.r.worldssl.net/img/ 6 KB
6 KB 101ms
97ms Image
image/png 185.217.69.108
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fdn.r.worldssl.net/img/fake-mail.png

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.217.69.108 Bucharest, Romania, ASN9009 (M247, RO),

Reverse DNS

Software

nginx /

Resource Hash

f9dec9c0ebfe4cf814bc37b0fee3177fb6df635f224360d7050b8e9dea27795f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Thu, 20 Apr 2023 06:23:47 GMT
server: nginx
x-edge-location: New York, US
vary: Accept-Encoding
x-cache: STALE
content-type: image/png
x-edge-ip: 185.217.69.108
x-age: 6810625
accept-ranges: bytes
content-length: 5917
x-storage: 717086628:8001

GET
H/1.1 200
OK jquery.min.js Show response
www.fakemail.net/js/ 85 KB
30 KB 48ms
44ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/jquery.min.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30080

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.fakemail.net/js/ 191 KB
50 KB 49ms
45ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/jquery-ui.min.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

6f64c6f81817f10bee33c71594ba9530732bd27fb289ae39687942fd5ffc480f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 50559

GET
H/1.1 200
OK bootstrap.min.js Show response
www.fakemail.net/js/ 36 KB
10 KB 38ms
35ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/bootstrap.min.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9833

GET
H/1.1 200
OK clipboard.min.js Show response
www.fakemail.net/js/ 10 KB
4 KB 110ms
34ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/clipboard.min.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3282

GET
H/1.1 200
OK jquery.knob.js Show response
www.fakemail.net/js/ 11 KB
4 KB 111ms
36ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/jquery.knob.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3604

GET
H/1.1 200
OK jquery.cookie.min.js Show response
www.fakemail.net/js/ 1 KB
1 KB 112ms
36ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/jquery.cookie.min.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

46b2700db35eb798c0bf5e5e4985970e043b9355ad4e2c632a957352d8a3b91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 668

GET
H/1.1 200
OK fakemail.min.js Show response
www.fakemail.net/js/ 9 KB
3 KB 37ms
37ms Script
application/javascript 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/js/fakemail.min.js?time=270920190711

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

479671c1ab130d583276d46aa3565025f3a9849ea195913077abb1fd72d612f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:55 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2902

GET
H2 200 tempmail_video_background.png
fdn.r.worldssl.net/img/ 8 KB
9 KB 96ms
92ms Image
image/png 185.217.69.108
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fdn.r.worldssl.net/img/tempmail_video_background.png

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.217.69.108 Bucharest, Romania, ASN9009 (M247, RO),

Reverse DNS

Software

nginx /

Resource Hash

3b494ec72ee3207b6a64ea04aca145e7896c9ac42390379c74978c77e6bee027

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Thu, 20 Apr 2023 06:23:47 GMT
server: nginx
x-edge-location: New York, US
vary: Accept-Encoding
x-cache: STALE
content-type: image/png
x-edge-ip: 185.217.69.108
x-age: 6810625
accept-ranges: bytes
content-length: 8591
x-storage: 717086628:8001

GET
H2 200 wXKvE3UZookzsxz_kjGSfPQtvXI.woff2
fonts.gstatic.com/s/hennypenny/v17/ 44 KB
44 KB 145ms
36ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hennypenny/v17/wXKvE3UZookzsxz_kjGSfPQtvXI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Henny+Penny|Libre+Franklin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

6a7d21041f4851f64d594dfb27f2591b8c7eb33d242e7f9c463eef3d0d1f236c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fakemail.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:40:29 GMT
x-content-type-options: nosniff
age: 570037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2024 01:40:29 GMT

GET
H2 200 jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v13/ 14 KB
14 KB 179ms
70ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Henny+Penny|Libre+Franklin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

6b49f91c87827ee6adc5a811c73e6a1b493adc72a8c0a832fc4c77e80c0226ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fakemail.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:08:34 GMT
x-content-type-options: nosniff
age: 571952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2024 01:08:34 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
www.fakemail.net/fonts/ 18 KB
18 KB 88ms
39ms Font
application/font-woff2 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/css/bootstrap.minimal.css?time=270920190711

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fakemail.net/css/bootstrap.minimal.css?time=270920190711
Origin: https://www.fakemail.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:01:06 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 06:23:47 GMT
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18030

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/ 372 KB
125 KB 177ms
93ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7740240375137244

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5e475c14e46d1050d2e517f9fdc52844790a0989bf03da184017222715c02b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128280
x-xss-protection: 0
server: cafe
etag: 6914174887287756323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/ Frame 256A 10 KB
5 KB 156ms
36ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7740240375137244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 45516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 03:22:31 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 03:22:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST post
tag.escalated.io/ 0
0

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK index Show response
www.fakemail.net/index/ 61 B
607 B 95ms
94ms XHR
text/html 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/index/index

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

6b6a2af57f476a1dde6def4e516f259ace58a0b75557df8ac6b8c9da2e10558f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fakemail.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 16:01:07 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: Apache/2.4.56 (Debian)
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 61
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK / Show response
www.fakemail.net/index/avatars/ 5 B
423 B 52ms
52ms XHR
text/html 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/index/avatars/

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fakemail.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 16:01:07 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: Apache/2.4.56 (Debian)
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 5
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK refresh Show response
www.fakemail.net/index/ 499 B
742 B 63ms
63ms XHR
text/html 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/index/refresh

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

e64dd008c296f82c598f2e8b56875d678f31c87fc10062d8db196d3ce078db0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fakemail.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 16:01:07 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 275
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK zivot Show response
www.fakemail.net/index/ 59 B
478 B 40ms
40ms XHR
text/html 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fakemail.net/index/zivot

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

fe7c69197fc25d2236fd9c4de67c46fb2707a061f49aa8dd51a65f35cfee5cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fakemail.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 16:01:07 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: Apache/2.4.56 (Debian)
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 59
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 87ms
86ms Script
application/javascript 172.217.13.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1BZVQV8CTE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46883802-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ab665787f9e88b6c8fbecbdb2c673b588807978780506119e0df0f4dc63386a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77972
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 16:01:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 141ms
40ms Script
text/javascript 142.250.64.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46883802-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 14:27:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5591
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 08 Aug 2023 16:27:56 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 194ms
63ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.fakemail.net&callback=_gfp_s_&client=ca-pub-7740240375137244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

beec2de59b5fffb51dc76169005f86244a6e3350f848e66cfc87b67126b1c404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A8E 174 KB
49 KB 549ms
549ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&adk=1812271804&adf=3025194257&lmt=1691510467&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fwww.fakemail.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466871&bpp=6&bdt=296&idt=488&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1861054693195&frm=20&pv=2&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=522

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f005ad9be8e7f28090ba5a8ac764060a2af02625fa54d40881ffdf57ccc5c241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50590
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:07 GMT
expires: Tue, 08 Aug 2023 16:01:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=FOOTER&cls=navbar%20navbar-default%20navbar-fixed-bottom%20text-center%20col-xs-12%20termsa&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DD0 99 KB
36 KB 584ms
583ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=280&slotname=1929361169&adk=3137817833&adf=1119259538&pi=t.ma~as.1929361169&w=336&fwrn=4&fwrnh=100&lmt=1691510467&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.fakemail.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466881&bpp=1&bdt=306&idt=518&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gITeVrGwQK&p=https%3A//www.fakemail.net&dtd=523

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

942cc5b35a3bb1484a631dc6dd2640d60ecbc4f0d3562077f92d2cbf60a37e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36747
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:07 GMT
expires: Tue, 08 Aug 2023 16:01:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0F3 103 KB
38 KB 634ms
631ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

866fed2a114584ae35ddd26e7b70107aa0c7205d3905135c091931650c714579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:07 GMT
expires: Tue, 08 Aug 2023 16:01:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA48 115 KB
40 KB 563ms
554ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=242698952&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510467052&bpp=1&bdt=477&idt=369&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C728x90&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=g0AagqKqQI&p=https%3A//www.fakemail.net&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

352281b77e440f8c176cd473e9ed5b102bf1efcd360ae2130c9b8649115cf44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40431
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:07 GMT
expires: Tue, 08 Aug 2023 16:01:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 56ms
54ms Ping
text/plain 142.250.64.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1BZVQV8CTE&gtm=45je3820&_p=771931838&cid=1691242536.1691510467&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1691510467&sct=1&seg=0&dl=https%3A%2F%2Fwww.fakemail.net%2F&dt=FakeMail%20%7C%20Temp%20Mail%20Addresses&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1BZVQV8CTE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.64.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s30-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fakemail.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 54ms
54ms XHR
text/plain 142.250.64.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=771931838&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fakemail.net%2F&ul=en-us&de=UTF-8&dt=FakeMail%20%7C%20Temp%20Mail%20Addresses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=712986236&gjid=98376162&cid=1691242536.1691510467&tid=UA-46883802-16&_gid=1608026891.1691510468&_r=1&gtm=457e3820&jsscut=1&z=2087495873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fakemail.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found undefined
www.fakemail.net/avatars/ 1 KB
1 KB 38ms
38ms Image
text/html 149.56.134.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fakemail.net/avatars/undefined

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.56.134.162 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

vps-4adfcc27.vps.ovh.ca

Software

Apache/2.4.56 (Debian) /

Resource Hash

04caed86531e797d8572f4bf481bbb163ba7299e6ee8dd6c8e36a43740ed4047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 16:01:07 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 722
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8DD0 6 KB
802 B 85ms
64ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=280&slotname=1929361169&adk=3137817833&adf=1119259538&pi=t.ma~as.1929361169&w=336&fwrn=4&fwrnh=100&lmt=1691510467&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.fakemail.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466881&bpp=1&bdt=306&idt=518&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gITeVrGwQK&p=https%3A//www.fakemail.net&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:07:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 8DD0 2 KB
926 B 234ms
105ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 8DD0 23 KB
9 KB 173ms
102ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 8DD0 3 KB
1 KB 171ms
100ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 8DD0 20 KB
8 KB 204ms
75ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DD0 179 KB
57 KB 236ms
106ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 8DD0 33 KB
14 KB 144ms
38ms Script
text/javascript 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 20:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 20:05:52 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/ 154 KB
52 KB 89ms
75ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

17cbd8955be64d6b9d020804303b64602a76fb1e1ecabd4497c3928a98dba46d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53648
x-xss-protection: 0
server: cafe
etag: 13311164305491751271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 ca-pub-7740240375137244 Show response
fundingchoicesmessages.google.com/i/ 150 KB
50 KB 236ms
102ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7740240375137244?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

1388ddde6330e984dfdcacd97ee590c84ddc9ada0dd38ca7cf7c171b408eb11f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-11KF0v8cMdGBZyOeEuR5wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-11KF0v8cMdGBZyOeEuR5wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA48 14 KB
1 KB 75ms
71ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=242698952&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510467052&bpp=1&bdt=477&idt=369&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C728x90&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=g0AagqKqQI&p=https%3A//www.fakemail.net&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:03:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame CA48 2 KB
972 B 180ms
101ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame CA48 23 KB
9 KB 95ms
94ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame CA48 3 KB
1 KB 97ms
96ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame CA48 20 KB
8 KB 178ms
99ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA48 179 KB
56 KB 231ms
151ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame CA48 33 KB
14 KB 71ms
44ms Script
text/javascript 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 20:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 20:05:52 GMT

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 144 KB
53 KB 168ms
66ms Script
text/javascript 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

sffe /

Resource Hash

615fa6f08b869347a392b3459c9e735d4965b64187713aad6db4ad6da455c3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4542852837673174157"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
65ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44786015&hl=en&pvc=953738484223395

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/15762864468196203665/ Frame 8DD0 30 KB
30 KB 77ms
46ms Image
image/jpeg 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15762864468196203665/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

eaa5271bdc244627329b393cad9e6dbed8a4bbb29647a8b5b5fff82cc995f599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:11:41 GMT
x-content-type-options: nosniff
age: 398967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30401
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 17:04:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Aug 2024 01:11:41 GMT

GET
DATA 200
OK truncated
/ Frame 8DD0 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cce957c4d2d3fceda873fda9d1e6e713bf2a4fdcd0b53b309314c41fe6d5abd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame F0F3 14 KB
1 KB 73ms
70ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:07:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F0F3 2 KB
926 B 105ms
102ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame F0F3 23 KB
9 KB 65ms
56ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F0F3 3 KB
1 KB 68ms
59ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F0F3 20 KB
8 KB 83ms
79ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0F3 179 KB
56 KB 153ms
150ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame F0F3 33 KB
14 KB 67ms
58ms Script
text/javascript 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 20:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 20:05:52 GMT

GET
DATA 200
OK truncated
/ Frame F0F3 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5326124214523463331/ Frame CA48 7 KB
7 KB 51ms
50ms Image
image/jpeg 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5326124214523463331/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

ccb7d8c55ec9a039269c197e669221f7740b4fc8b9c569eed287195ce4e6b67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:30:17 GMT
x-content-type-options: nosniff
age: 444651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6901
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 14:21:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Aug 2024 12:30:17 GMT

GET
DATA 200
OK truncated
/ Frame CA48 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CA48 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6132 143 B
166 B 36ms
35ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 15:21:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8DD0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65aca0ac7a083d9136028e79dc4a1ad0d8940df76584b4249cc096e66c7fc498

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F0F3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e345291de64472288403e79f0e9ec718d44d7e44dc31c3d5048bec41d142d8a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CA48 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba49c063df3a19de12fe2d1fd98cc278408f8ad839808206192c4e4ce1c52e9e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6132
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

63ms
62ms

Document
text/html

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:08 GMT
expires: Tue, 08 Aug 2023 16:01:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/ Frame 62DD 10 KB
4 KB 47ms
45ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 13534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 12:15:34 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 12:15:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXdG3WPGmu0LSXRHH3bLIqgsP3L1QUOcnhQZWTAsEsfiS-IRSkfKlSQwFdVV94bNcZGU24e5vx9I7TNviOTWN0wlwhGWGZTEkmlOJZfxqgQt8d_MnHI_eIC7d32zJkdM_fE5sqRIA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 134ms
132ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdG3WPGmu0LSXRHH3bLIqgsP3L1QUOcnhQZWTAsEsfiS-IRSkfKlSQwFdVV94bNcZGU24e5vx9I7TNviOTWN0wlwhGWGZTEkmlOJZfxqgQt8d_MnHI_eIC7d32zJkdM_fE5sqRIA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxNTEwNDY4LDQ1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZmFrZW1haWwubmV0LyIsbnVsbCxbWzgsIlZsY1BRbWxzc1J3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VlcPQmlssRw.es5.O/d=1/rs=AJlcJMxRx4r9OQJxhgz440Mto5vfHfafyQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

27f050c61f9aedcc4397d0de890aea575adfb83ead1cfe777a9bad5160e8314c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a1axyTmpaNta6EAyAD5qPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-a1axyTmpaNta6EAyAD5qPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 378 B
312 B 73ms
71ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.fakemail.net&client=partner-pub-7740240375137244&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a84ae28fadb08dd651bb6972239dfb938e65be8f7e4ca76c20efaf85301ee005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0

GET
H2 200 ads Show response
www.google.com/afs/ Frame 98D7 19 KB
4 KB 164ms
157ms Document
text/html 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-c7531fda0e8403105&fexp=44786015%2C21404%2C17300003%2C17301293%2C17301321%2C17301323&iab_gdprApplies=false&client=pub-7740240375137244&r=m&hl=en&cpp=5&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=3771691510468464&num=0&output=afd_ads&domain_name=www.fakemail.net&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1691510468465&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=732&frm=0&cl=552777282&uio=-&cont=autors-container-0&jsid=csa&jsv=552777282&rurl=https%3A%2F%2Fwww.fakemail.net%2F&adbw=master-1%3A0

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

gws /

Resource Hash

46f035415748083ed190c52117c6e748a342aff94fc4cafdc0c35d398ece7695

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Abmf5XF8OiKDQ-CdwciBrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 3100
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Abmf5XF8OiKDQ-CdwciBrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 08 Aug 2023 16:01:08 GMT
expires: Tue, 08 Aug 2023 16:01:08 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DD0 15 KB
15 KB 38ms
37ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:11:33 GMT
x-content-type-options: nosniff
age: 571775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2024 01:11:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DD0 15 KB
16 KB 44ms
44ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:19:33 GMT
x-content-type-options: nosniff
age: 398495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 01:19:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DD0 15 KB
15 KB 45ms
45ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:12:48 GMT
x-content-type-options: nosniff
age: 398900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 01:12:48 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 62DD 4 KB
671 B 65ms
64ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:10:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 62DD 205 B
519 B 41ms
32ms Image
image/png 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:07:51 GMT
x-content-type-options: nosniff
age: 67997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Aug 2024 21:07:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 62DD 604 B
696 B 44ms
24ms Image
image/png 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:18:17 GMT
x-content-type-options: nosniff
age: 153771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Aug 2024 21:18:17 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 62DD 15 KB
6 KB 46ms
39ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 18:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6416
x-xss-protection: 0
server: cafe
etag: 10587074671346547413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 18:37:52 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 62DD 20 KB
8 KB 47ms
39ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: cafe
etag: 15357628606984112601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 14:05:08 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F0F3 33 KB
33 KB 36ms
34ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:45:10 GMT
x-content-type-options: nosniff
age: 396958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 01:45:10 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CA48 33 KB
33 KB 35ms
34ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:45:10 GMT
x-content-type-options: nosniff
age: 396958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 01:45:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8DD0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHk-Iw2bSZJ_kG4H6zLUP-IOOuAXg2OaLcvj2qO7_EJz-j9DpMBABIMi8iyZg_aCZgegDoAHp_fXPA8gBCagDAcgDywSqBMcBT9DYONGAJoVnnEgPtZjVI2bwNB10HNtTvR4yesADZWXCMyP...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe2a34d3aec7245840000000000000000%22,%222%22:%220xd616ae82031775840000000000000000%22,%225%22:%220x54a0f9...

0
0

85ms
75ms

Fetch
text/css

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe2a34d3aec7245840000000000000000%22,%222%22:%220xd616ae82031775840000000000000000%22,%225%22:%220x54a0f92c54ac0a140000000000000000%22},%22debug_key%22:%224485058309094797155%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221073158293096937121%22}&andc=true

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe2a34d3aec7245840000000000000000","2":"0xd616ae82031775840000000000000000","5":"0x54a0f92c54ac0a140000000000000000"},"debug_key":"4485058309094797155","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"1073158293096937121"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 16:01:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe2a34d3aec7245840000000000000000","2":"0xd616ae82031775840000000000000000","5":"0x54a0f92c54ac0a140000000000000000"},"debug_key":"4485058309094797155","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"1073158293096937121"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame B9C7 37 KB
14 KB 44ms
44ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 01:17:41 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F0F3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CuwF3w2bSZIPRHMDhj-8Pqo29wAuE0sSBcvSr4ZH9EcCNtwEQASDIvIsmYP2gmYHoA6AB8KDc3APIAQGpApSgtuOO96g-qAMByAPLBKoExAFP0JWySCiIc_FIcBvX6ScdSIBpNC37ZuiJeEf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62f...

0
0

82ms
75ms

Fetch
text/css

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62fa357a79bae0000000000000000%22},%22debug_key%22:%222007874801674662986%22,%22debug_reporting%22:true,%22destination%22:%22https://dlink.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999755888%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217178141095893762625%22}&andc=true

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb5015379a63866540000000000000000","2":"0x89e832dc79c3e1880000000000000000","5":"0x99c62fa357a79bae0000000000000000"},"debug_key":"2007874801674662986","debug_reporting":true,"destination":"https://dlink.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["999755888"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"17178141095893762625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 16:01:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb5015379a63866540000000000000000","2":"0x89e832dc79c3e1880000000000000000","5":"0x99c62fa357a79bae0000000000000000"},"debug_key":"2007874801674662986","debug_reporting":true,"destination":"https://dlink.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["999755888"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"17178141095893762625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CA48
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfBpFw2bSZJPfHqfR0_wPzfuviAyE0sSBcvSr4ZH9EcCNtwEQASDIvIsmYP2gmYHoA6AB8KDc3APIAQmpAu87QFuYC6k-qAMByAPLBKoExAFP0Nj5rtqyhcnFqRPVpTluSsALpNL4OBBRZtR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62f...

0
0

70ms
69ms

Fetch
text/css

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62fa357a79bae0000000000000000%22},%22debug_key%22:%229478758360413305206%22,%22debug_reporting%22:true,%22destination%22:%22https://dlink.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999755888%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217147313588355411281%22}&andc=true

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb5015379a63866540000000000000000","2":"0x89e832dc79c3e1880000000000000000","5":"0x99c62fa357a79bae0000000000000000"},"debug_key":"9478758360413305206","debug_reporting":true,"destination":"https://dlink.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["999755888"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"17147313588355411281"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 16:01:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 16:01:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb5015379a63866540000000000000000","2":"0x89e832dc79c3e1880000000000000000","5":"0x99c62fa357a79bae0000000000000000"},"debug_key":"9478758360413305206","debug_reporting":true,"destination":"https://dlink.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["999755888"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"17147313588355411281"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame B270 37 KB
14 KB 35ms
35ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7740240375137244&output=html&h=90&slotname=3820905174&adk=3462824633&adf=3664348633&pi=t.ma~as.3820905174&w=728&lmt=1691510467&format=728x90&url=https%3A%2F%2Fwww.fakemail.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691510466980&bpp=22&bdt=404&idt=431&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1861054693195&frm=20&pv=1&ga_vid=1691242536.1691510467&ga_sid=1691510467&ga_hid=771931838&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076512%2C31076730%2C31076444&oid=2&pvsid=953738484223395&tmod=1381199101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lQpc6MREs3&p=https%3A//www.fakemail.net&dtd=437

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 01:17:41 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DD5 37 KB
14 KB 36ms
35ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 01:17:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1BE8 14 KB
1 KB 68ms
67ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:04:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 1BE8 2 KB
892 B 41ms
40ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 1BE8 23 KB
9 KB 43ms
42ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 1BE8 3 KB
1 KB 44ms
41ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 1BE8 20 KB
8 KB 44ms
42ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:44:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BE8 179 KB
56 KB 60ms
57ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 1BE8 33 KB
14 KB 35ms
33ms Script
text/javascript 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 20:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 20:05:52 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 78ms
76ms Preflight
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 16:01:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 67ms
66ms Preflight
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 16:01:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
70ms Preflight
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5015379a63866540000000000000000%22,%222%22:%220x89e832dc79c3e1880000000000000000%22,%225%22:%220x99c62fa357a79bae0000000000000000%22},%22debug_key%22:%229478758360413305206%22,%22debug_reporting%22:true,%22destination%22:%22https://dlink.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999755888%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217147313588355411281%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 16:01:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 98D7 391 B
388 B 167ms
40ms Image
image/svg+xml 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-c7531fda0e8403105&fexp=44786015%2C21404%2C17300003%2C17301293%2C17301321%2C17301323&iab_gdprApplies=false&client=pub-7740240375137244&r=m&hl=en&cpp=5&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=3771691510468464&num=0&output=afd_ads&domain_name=www.fakemail.net&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1691510468465&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=732&frm=0&cl=552777282&uio=-&cont=autors-container-0&jsid=csa&jsv=552777282&rurl=https%3A%2F%2Fwww.fakemail.net%2F&adbw=master-1%3A0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 10:59:14 GMT
age: 18115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Wed, 09 Aug 2023 09:59:14 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 98D7 200 B
699 B 166ms
39ms Image
image/svg+xml 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%239aa0a6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5b4cc8b4df06881ba671ef97dfbac6804e5c6ad9db05254103495b3a00e9e250

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 13:46:16 GMT
age: 8093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Wed, 09 Aug 2023 12:46:16 GMT

GET
H3 200 ads.js Show response
www.google.com/adsense/search/ Frame 98D7 144 KB
52 KB 72ms
68ms Script
text/javascript 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js?pac=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

sffe /

Resource Hash

cd0cbbbbd37761b2ff542244d13204005d3b455038cbc0350408d320682f8bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "5223740402538102095"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://afs.googlesyndication.com>; rel="preconnect"
expires: Tue, 08 Aug 2023 16:01:08 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3236 37 KB
14 KB 36ms
35ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: www.fakemail.net
URL: https://www.fakemail.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 01:17:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 84ms
77ms XHR
application/json 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230803&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

795e8d81dd695e1d72ce0f1b91517bf55cd38bb8aaa0602ea36cab3d7b465bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11764
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 133ms
133ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 16:01:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D234 13 KB
5 KB 57ms
47ms Document
text/html 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 482053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 02:06:56 GMT
expires: Fri, 02 Aug 2024 02:06:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CED4 847 B
553 B 85ms
76ms Document
text/html 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

GSE /

Resource Hash

31104f9fce8dd4dedcbfc387f2bb8aa1bbbe2a0471b49416e76401e5df8e0e9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R4xZQBXUEMlat6OgkfQpQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fakemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 531
content-security-policy: script-src 'report-sample' 'nonce-R4xZQBXUEMlat6OgkfQpQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 16:01:09 GMT
expires: Tue, 08 Aug 2023 16:01:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8DD0 42 B
64 B 89ms
80ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHlpb6bhaWm0pT1UvUxdhFyCqY_NSB8M2ikvf2HZmnwYUK0mLM1GK_P_WDFS9OnX8pRJ08WxvoVeKRTyNLkGGNitxXHMMhdaPejRfmkcz0UWk4WOxI4vY0R0aYwDtt0wurFvm9mWsV1Q&sai=AMfl-YQdDm_kjJ4FIXcxR_7-wb1SNgQAa05u7qIm2ZXh214sxXvm3pdkT9dlWoYpgKlw-qwGOTiIOwyGcl_w&sig=Cg0ArKJSzCrivlK0aqfMEAE&cid=CAQSGwBpAlJWucWxVMTD9_rIoUx2GLQDqc1Oz3IY0RgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3137817833&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691510467405&rpt=1258&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 78ms
72ms Image
image/gif 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.1216357145161835

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zUeIHBuEZDxUVBYxq2Ymqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:09 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zUeIHBuEZDxUVBYxq2Ymqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 137ms
131ms Image
image/gif 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.074179685971256

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-XSfvMDzpU8tLYl8YU6xxSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:09 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-XSfvMDzpU8tLYl8YU6xxSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0F3 42 B
64 B 90ms
86ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFF-Bned6H9HB81_DCx-cc8HMrdxSRN2UvHVJqc_CkiGTaNdOsNTTH2S4QJ-1cjGRZVvUAE0th0NHpnxgnwPKp66V2jY75EvX8TjLscW_3qnsFrmfPGX58D-N9V1NNu8TzACmprK2vPIEyXxoIVNiC9EiZWkw_g16sY7LwZCXz5qdHy6WaFWPA1dFlGBrpzVRbKec1RmpUtRFoELGBGhWzfm-X7rygqvLpVfaI-MqxFXG6wfZSzj8dC9OLejrRvkYKloRYEAu-1UOKuyxjUyYfeYHUsLHil8A1JcNQKKpgCVWRyJPj6_uC40eTAToHPH8IpG4Lyq001Tw9CSHJx1BFKgLvXIU0hVyXugRNJ9XXOk2k8xoHFzymJN8PANupXykr7O5b0rFrGxgpdySQHVdpXD46je7jq1crj_iQzVYJkbeFzETvfMmJgc1b6Gf0Nv25PwkpZxijUcV-FwVjdJ6G9q2je2bwSRxlBh_yrXPTZw7fBEDTS5V3Eeerras6EXgWjYYOFrt8-iZiPePkPreWraaq_ka6ghzhGV8-DegX1efnVZ8KUEMQ28Rn151Zt9oFoJENQlapkBA6ZDr4eK9Tc71ELVG9YbjxgoXbxWZhVakNTLFzonkD7nS6oWUPVnjLqipMunYAJuGeWRYa8EehVWWo3ySgRUt2CMqI7hNZ6AbgAjlOJ9qFbst6WcXci_hzqe2WBtpp2hDbtwxvgbGyMDgaWvJnpQ4bvb1iRRJFocXmpDvE3DJYLxIS0k5ST0_v4xYFF5Fu_cS8Kl7y0KZK0r-GmIZl-qgr72We48lq58MvYyMaI1ZwRVP_YtI7_954GUGfoorTAePA5vDwA6u6kPzU9KDBKCZ-CyYaSlijxyqYXameRD_FKJgFsqz0ptu1II2VMVg-dM-h00kOL1PR7rQAo7TX1sXqj1GmDIds0hZ1OenH6CEIIT0jqIY8Wv2xIzf0RBJ3BObSq8xesVeYSeZWnKiEgp7QNj3indmzcX0tWpzshl_ZGBiGushSW-mUbfkYqU2siGbZfA_LXsoYwqQyMOwO1Q&sai=AMfl-YSj2gxAIKd2uaQble3JoqSquu-pCqg4BLaP4mKv4KzQtxdiQj8smfxpADdKJOt779YDeuTogvVGhWv_SsFcmgTWYlZf3qg-lA&sig=Cg0ArKJSzIeI73sVPIn8EAE&cid=CAQSGwBpAlJWRFi6-wuIvqOpRz7j1YR9iR2Sp2so4hgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3462824633&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691510467418&rpt=1286&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame D234 37 KB
14 KB 36ms
35ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 01:17:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA48 42 B
64 B 97ms
96ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbjuBxd1-38NtJBaT1rI_VLv16YQaQOSB25oYBZJ7UKfCoG5eX_gqUac_1Q7BXm8FUVceJhy_Ra2UnflMU3hMbbBIyi8Te9gL274LSCOzP7I4-vZqwXDyqgfl1iv2MyDTaQYqqa7p1tUhSItuOqgEyEtpTKgDtvY6eRp-8qzWzvDCxSuQHW6gvMaaUD0oI-vtIh-LX_xQVmmz6pPPj4rEdvPNuHQ9FAxn5B3UFwLg5JBIwCZSoD_4DDZ5fvNQ9Rvty85SRnTGU_pFje116vsatP9cPih4NelUk8x-hiE9LOu6Q71pCwbmYyM96YCE1539Kb2zRWNYzBvCbNXKbWyuJxkiPgoOL3zN_awbajW3Ff0G8DTpijpkJ1LEZj-KlYC7q3mqVsw9eoNl_EbnHniAsaSi8JpT_Q-h0P7knEaixH8EnGAn8qyf1qGDSyhiR4U64c0QpUGBSCjifsjD3Z-cPXcUyw-X_Cm757GZvYjyATrVQV3Vwi-FMdlvd_oVN5S_K6OBd3jsLaFlENUu869wGmDEock20ER_1GB5rNV7Fuq5js7L6F9OnnFiBO-zLOk317yDbvHyCo5kLXhn1_KwQdeutfCa9x-HM1u8_Y53QQDeQNdGC2yP_x9SkkQNbv6oEGThb6DVk1armvQXmTTRvbVW3M8Gwd943YwyBVpuFiIiPZ-ZtOFohospiMD241AigXtPO4PL0pOqb3hUs5cVNLOpUmWKcltXTQf11Z4xxI1U8it52SkAU---9Yn1M66yQfFeGhKqxficKueiHYCe2rZ8W-J1Xx4ozQY-JMxGpvbEGCGH9uF6ONreGvX54YjZTNm_mOSLBBXIYPycRvjSD1l7fohg-ZthG2aW84M-YtcHI3D48dpHTYOUWwDQNx6G6dZtTV5YV4VyBlwrlVcuy0Zfc44fIjd-jmCAem_TiZOgI-Xy118H8oWt4QBeSlORYR3jevosQoPfuZOWMrgyHXnQVt4S3XMTSuLIfKodSIqyTs3bOSAKxiALR2Xd3qpWcjLYq3p-xPz_GiXeq6e2clqToit2li_o49g&sai=AMfl-YSF0K3L7N5zgKQ6zBub_OlyBodv9s78nKqNzF1MRroHDGjwfosbqVlez58YWy5S3Lci04n1riUom4-LnE1TZXSbrMjfn4FCIg&sig=Cg0ArKJSzJEriCyIZBLLEAE&cid=CAQSGwBpAlJWxJyIxeA6jWZLlFUHWsIkFfvnh8ocDxgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3462824633&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691510467446&rpt=1299&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:01:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CED4 0
0 69ms
69ms Image
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230803&jk=953738484223395&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H3 204 AGSKWxWGR4ienkyPBujEbJrcko1RqktlG7jdECkiXgX7tMkUsGShNfBD_bG4oRPaShJPQXxOteibBMVCFSgwGfuRETKhCFdj5vBZ75S93LBlM92Wx8OPguroBY1NCnF7jF_-hsnZ0P1CPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 192ms
71ms XHR
text/html 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGR4ienkyPBujEbJrcko1RqktlG7jdECkiXgX7tMkUsGShNfBD_bG4oRPaShJPQXxOteibBMVCFSgwGfuRETKhCFdj5vBZ75S93LBlM92Wx8OPguroBY1NCnF7jF_-hsnZ0P1CPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YZqI-Mkw7abTRSciEN3azQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-YZqI-Mkw7abTRSciEN3azQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.fakemail.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D234 0
10 B 77ms
61ms Image
text/plain 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?K4-o0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 google-afc-,728x90,.swf Show response
fundingchoicesmessages.google.com/f/AGSKWxWTZc92OI1tzouUzV44AGhnZtVm9we96BcpP-uYYIG6N7kfH566jQyX07obgmsM6BfbWMadcNWRo-icdJ8I-Okg9aYoffPClS2SheP42iQFOq8weZY6cuHtPofxTiXqwWAFq5QcNq3xZbu6AMKNUSk9WcRZh... 54 B
109 B 99ms
95ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWTZc92OI1tzouUzV44AGhnZtVm9we96BcpP-uYYIG6N7kfH566jQyX07obgmsM6BfbWMadcNWRo-icdJ8I-Okg9aYoffPClS2SheP42iQFOq8weZY6cuHtPofxTiXqwWAFq5QcNq3xZbu6AMKNUSk9WcRZhv2wYECgDPU091_Hj3E7ArYiHru67oK4/_/poll-ad-/vpaidad3./google-afc-,728x90,.swf?2&clicktag=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VlcPQmlssRw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxRx4r9OQJxhgz440Mto5vfHfafyQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

6a6cc948ed39f7cc5a856140982322937fdc24ee872d017de802274a845ebfc8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lgECxEsnhLrAmRzGABiT1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-lgECxEsnhLrAmRzGABiT1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 63 KB
23 KB 48ms
44ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VlcPQmlssRw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxRx4r9OQJxhgz440Mto5vfHfafyQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d78168f7d30e6d8b8cea98e125e6e9a80d0bc9ab2d00750161952b9afbe79107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23842
x-xss-protection: 0
server: cafe
etag: 16445705997412244728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:10:04 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGR4ienkyPBujEbJrcko1RqktlG7jdECkiXgX7tMkUsGShNfBD_bG4oRPaShJPQXxOteibBMVCFSgwGfuRETKhCFdj5vBZ75S93LBlM92Wx8OPguroBY1NCnF7jF_-hsnZ0P1CPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_0tvSD1dpCUM9HKJ9pIg_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-_0tvSD1dpCUM9HKJ9pIg_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.fakemail.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230803&jk=953738484223395&bg=!HB-lH0vNAAZGOVy5Zjk7ADkAdvg8Wov75i4VhVzRkkbkK0OfqVe8OS5hHzy_5mWtqh35jm8ZM3-RIxLZEgeM1hwtwCNVNFBy4FECAAAAo1IAAAATaAEHCgCXDAzYxV1RTSXdSMSV6vYgGcoDdvKC3Z0PjgaO8rRB5dCx7CHY8rvwdc41oL8QH36ax6ELem1BdFIdxP0KP3Rshceb-GL4rtgICYWXCZOj42Axivp3J-5_MoKGcShpGuVUs_LbqcU5ySc3xTq3YcNIAQzM9RHurfgi8X3r31vVTg2IYgsyGhYdpbnF2KvCdxm402S1dM4Y2pkCo4DMGPcFLQhpfHp6aRTQbaX9umEy4xTS692hUExZjbYk5-iQCeA1oS28iprva5s6w2Iy2nD4ktioBWWeH5S9wcweGXSqaGHmH6C8VMeNI4OF7pAX5LnSMcaAS0Yfn3qqh1isNZ9UlHqpWhyvVnbj6tDQDvN3PgBAWA6UNNjN4sG8EZy091p9aCkZyXA4ARJStBbr078Tf9K-XbiD8Clu7ySkXU5KBBGzTju-0aFjtzpjPdN5UbUwNety2sh_GLzAc09Fsg3MykZSomlR0TY36E-zH_a6tP13Cxx98YwDRih_Vm3KpTqgvIWutYwN9ltwkUhVrtB9qoD5DXjppExeSu8Q3akTtZ33xA1qeZZKsisQ4HoBhvm8H2Ipy0Ms2uI95Ku-btZQ20qHrUulZ3oDvk5wVCHfEddaSyI6A1CU8JjTjrotk0FhV2lJoDHUF3s6sUtxVfc5uMnLDQInWiwMuDbIDUXoIczZZRH5vQavT952HEMPOtfwgruLxToOPEgOUc3_5D98ZpvgX0kq66TJ3c0NJdg6OhneiYZstc1w8rV3xLfztHFVPBzeormLPBBjQ1DX2auv4zCMS5Hr6YFzUZyTBfSigjeXlWH0x0v62cmo0tdGnbM-dmVDEZiW-f535ekkykontAd8rtJMMTFfw3vV1F3KAKvsivaM-Ofc1EGkLfLcEIRSSLvO15s2VrwjUzORjbiz-IKbdd4SKhhbF1Ac-sn14adA0W390A6gATrPJOUpsHq7zLyPwgw4dBxpax0uL36GfhO_TAoNhvQT8rR5kBnZNDA4gMCIebBBcVu28JR9t4faYKseufejNwZ16rVnPHiTyGyAwU87O8IhbpKklIdHZ79cgFbUmChmCs4RggqS9b4E96F7sSgPDj9_kxYM9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGR4ienkyPBujEbJrcko1RqktlG7jdECkiXgX7tMkUsGShNfBD_bG4oRPaShJPQXxOteibBMVCFSgwGfuRETKhCFdj5vBZ75S93LBlM92Wx8OPguroBY1NCnF7jF_-hsnZ0P1CPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RrgOCuRlga7DPmWhszfqRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-RrgOCuRlga7DPmWhszfqRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.fakemail.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGR4ienkyPBujEbJrcko1RqktlG7jdECkiXgX7tMkUsGShNfBD_bG4oRPaShJPQXxOteibBMVCFSgwGfuRETKhCFdj5vBZ75S93LBlM92Wx8OPguroBY1NCnF7jF_-hsnZ0P1CPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A2KzXk-QKjIQb4hubi_sDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A2KzXk-QKjIQb4hubi_sDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.fakemail.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGR4ienkyPBujEbJrcko1RqktlG7jdECkiXgX7tMkUsGShNfBD_bG4oRPaShJPQXxOteibBMVCFSgwGfuRETKhCFdj5vBZ75S93LBlM92Wx8OPguroBY1NCnF7jF_-hsnZ0P1CPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OWYG6j-P5Ay3bX_Jp1DM2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-OWYG6j-P5Ay3bX_Jp1DM2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.fakemail.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWDof_Voo8SEwzL_RJn9rUuIo5ehPIJ1YWsQVHcq7kIKvoxbNfIjHnHP-XsVgcNMivbRo6Rr-AogpEZYtvwnA2CgRpaKNGoLD6vgttunPbUMesWyhI8PllU8-2mgfCEOkRl3_VzFA== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 92ms
90ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWDof_Voo8SEwzL_RJn9rUuIo5ehPIJ1YWsQVHcq7kIKvoxbNfIjHnHP-XsVgcNMivbRo6Rr-AogpEZYtvwnA2CgRpaKNGoLD6vgttunPbUMesWyhI8PllU8-2mgfCEOkRl3_VzFA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxNTEwNDcwLDU4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZha2VtYWlsLm5ldC8iLG51bGwsW1s4LCJWbGNQUW1sc3NSdyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

7ac9608e0f3200e7c194e9988b323638060509224d154cd3eea236eb06bcb905

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QiaAAXiKRWSMptiEo_ewmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-QiaAAXiKRWSMptiEo_ewmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVYHykdr9sBXpmk0p9iPdvNmXY4KuqDPQL8rNaS5b95WG5ZlbkUECMlbNVuHkStQPXxjITp9s4i0BKsbVvFrARCu2vpO2jFcD3dX2WtckjVEKAFhy0zYka4-WCeIocPQEH3rpoRg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
70ms XHR
text/html 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVYHykdr9sBXpmk0p9iPdvNmXY4KuqDPQL8rNaS5b95WG5ZlbkUECMlbNVuHkStQPXxjITp9s4i0BKsbVvFrARCu2vpO2jFcD3dX2WtckjVEKAFhy0zYka4-WCeIocPQEH3rpoRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HewBgPEtA6PS0nQpUpYXnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-HewBgPEtA6PS0nQpUpYXnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.fakemail.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW-Pl3ZFyFKBT8faZgYWE4G41cwvON8uZx07BK1fLVast8ZEERDYUtN9AFtT9Qv-vuTcjzhXP8DKr0TgNAjBHggRnVgV8HQehwCcS6_KMubauOB5Th0uTraUcDGKVgKaMwlhryi7g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 138ms
138ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-Pl3ZFyFKBT8faZgYWE4G41cwvON8uZx07BK1fLVast8ZEERDYUtN9AFtT9Qv-vuTcjzhXP8DKr0TgNAjBHggRnVgV8HQehwCcS6_KMubauOB5Th0uTraUcDGKVgKaMwlhryi7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxNTEwNDcwLDY4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZha2VtYWlsLm5ldC8iLG51bGwsW1s4LCJWbGNQUW1sc3NSdyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

ccc27fe1d97fa18eb9d4eac18b40b9e36480af23f7993664c165d9e5fb920ac2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FN1Vcr94G7nM0PLKVKodJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-FN1Vcr94G7nM0PLKVKodJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
www.google.com/afs/ 0
19 B 80ms
79ms Image
text/html 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=pub-7740240375137244&output=uds_ads_only&zx=uk6kxpqs9g7t&aqid=xGbSZLrWIoXAmgSr5pKQAg&psid=5134551505&pbt=bs&adbx=0&adby=0&adbh=0&adbw=0&adbn=master-1&eawp=partner-pub-7740240375137244&errv=552777282&csala=347%7C13%7C406%7C345%7C11&lle=0&ifv=1&usr=0&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-QrqhZyRRZeOtlC6EpaaR3g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-QrqhZyRRZeOtlC6EpaaR3g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 08 Aug 2023 16:01:10 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AGSKWxXYuegDIuDP7PTyvu_QU4BvBOpchTqqQbCmzcUlO-rUmpWaqKUD-fWFkSN0K8OQdH5FJjUqSXOJlr7O9Enge9oJVyGvOT4pJcgjAaeLnK7qpI6e0wsR1VWLrAdf8yVOUNvTRjQ4rQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
90ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYuegDIuDP7PTyvu_QU4BvBOpchTqqQbCmzcUlO-rUmpWaqKUD-fWFkSN0K8OQdH5FJjUqSXOJlr7O9Enge9oJVyGvOT4pJcgjAaeLnK7qpI6e0wsR1VWLrAdf8yVOUNvTRjQ4rQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxNTEwNDcwLDgzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZmFrZW1haWwubmV0LyIsbnVsbCxbWzgsIlZsY1BRbWxzc1J3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

3ebfdf049c2159e49b297a6d386703c2501643c4a14044b971636645147deb76

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rxcQRMHQm-pPSESbzruDRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rxcQRMHQm-pPSESbzruDRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUAt2O6Sgi8epm4LuMbVJbOXsPq9erQC2RxftD-LlpJXCvqRRZNtWiszMUxQqmS1ySQv22yXhq3_IY4x1hQgYVS7Ko6cQMjFmBukDrItwJb7V8PRw6ImN3ggPZt0FiG86WhxJVLQA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 78ms
77ms XHR
text/html 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUAt2O6Sgi8epm4LuMbVJbOXsPq9erQC2RxftD-LlpJXCvqRRZNtWiszMUxQqmS1ySQv22yXhq3_IY4x1hQgYVS7Ko6cQMjFmBukDrItwJb7V8PRw6ImN3ggPZt0FiG86WhxJVLQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O0U4nRyrQplqS0MPEdwy0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-O0U4nRyrQplqS0MPEdwy0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.fakemail.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVYHykdr9sBXpmk0p9iPdvNmXY4KuqDPQL8rNaS5b95WG5ZlbkUECMlbNVuHkStQPXxjITp9s4i0BKsbVvFrARCu2vpO2jFcD3dX2WtckjVEKAFhy0zYka4-WCeIocPQEH3rpoRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bo3h0QnHeywLKD2yvIWRVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fakemail.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Aug 2023 16:01:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bo3h0QnHeywLKD2yvIWRVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.fakemail.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
www.google.com/afs/ 0
19 B 78ms
77ms Image
text/html 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=pub-7740240375137244&output=uds_ads_only&zx=tmffdox2eudl&aqid=xGbSZLrWIoXAmgSr5pKQAg&psid=5134551505&pbt=bv&adbx=0&adby=0&adbh=0&adbw=0&adbn=master-1&eawp=partner-pub-7740240375137244&errv=552777282&csala=347%7C13%7C406%7C345%7C11&lle=0&ifv=1&usr=0&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-at-s31kwg5ynXX70VOxQHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.fakemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-at-s31kwg5ynXX70VOxQHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 08 Aug 2023 16:01:11 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.escalated.io
URL: https://tag.escalated.io/post

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fakemail.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: toh2bdlom6d0fb5eng5f7kimr9
.www.fakemail.net/	1970-01-20 14:12:00	Name: TMA Value: brighten.aedin%40fixedfor.com
.fakemail.net/	1970-01-20 23:27:50	Name: _ga_1BZVQV8CTE Value: GS1.1.1691510467.1.0.1691510467.0.0.0
.fakemail.net/	1970-01-20 23:27:50	Name: _ga Value: GA1.2.1691242536.1691510467
.fakemail.net/	1970-01-20 13:53:16	Name: _gid Value: GA1.2.1608026891.1691510468
.fakemail.net/	1970-01-20 13:51:50	Name: _gat_gtag_UA_46883802_16 Value: 1
.fakemail.net/	1970-01-20 23:13:26	Name: __gads Value: ID=4f111c23c690d82d-22f0a35e93e30082:T=1691510467:RT=1691510467:S=ALNI_MbseJuqvVrJcDfDY3ugDMLKxfznmw
.fakemail.net/	1970-01-20 23:13:26	Name: __gpi Value: UID=00000d897d6c84c1:T=1691510467:RT=1691510467:S=ALNI_MZ7Yr23T8j-zKYu2ppKPCbmt55lTQ
.doubleclick.net/	1970-01-20 13:51:54	Name: DSID Value: NO_DATA
.google.com/	1970-01-20 18:15:21	Name: NID Value: 511=lheYM5OtGgIJSwM_luec2hB6vnk9IU_ry8z8N5A-fTsVzOVti1VuhQhykfFhfboN16_iAB2DLO_VJsYT-O0pL1XHMjFOSKYPCsW41x-CgijOyeIxdFHrs6XUAEP6eiEWj1FTpEIUfDw4fGHt0bgpp0FlPpbzI2bkRlJpIUOAKbQ
.fakemail.net/	1970-01-20 23:13:26	Name: __gsas Value: ID=af3fa6882f97ec9b:T=1691510468:RT=1691510468:S=ALNI_MbQCj0c7Tiqm_UwELbg53el5-glzw
.doubleclick.net/	1970-01-20 23:27:50	Name: IDE Value: AHWqTUnyqOsv-fp_yAniR_aNUlNLwgwZ2cVdsoautnLXIsQ4rykZoBw57jZcSWBHk4E
.googleadservices.com/	1970-01-20 16:01:26	Name: ar_debug Value: 1
.fakemail.net/	1970-01-20 22:37:26	Name: FCNEC Value: %5B%5B%22AKsRol9iRy2qIEeXY3obBCebB0OKTojhwG-RESV9vBYSy1KV63h5na9gvcf6xyrWYMHg--DG03_WK0KrexHXP1HaH8C9PoLLXmYyCV8GwOo8n7pZg4CZFc5yaEvt-jkVjMIYlWHwvIfDsOyqK-7mtDCC_Fv2i1LQAw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.fakemail.net/ Message: Access to fetch at 'https://tag.escalated.io/post' from origin 'https://www.fakemail.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://tag.escalated.io/post Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.fakemail.net/avatars/undefined Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 216) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.fakemail.net/ Message: The resource https://fdn.r.worldssl.net/fonts/glyphicons-halflings-regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
fdn.r.worldssl.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tag.escalated.io
tpc.googlesyndication.com
www.fakemail.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tag.escalated.io
142.250.64.78
149.56.134.162
172.217.13.104
172.217.13.129
172.217.13.130
172.217.13.131
172.217.13.132
172.217.13.174
172.217.13.194
172.217.13.202
172.217.13.97
172.217.13.98
172.217.13.99
185.217.69.108
3.131.10.225
04caed86531e797d8572f4bf481bbb163ba7299e6ee8dd6c8e36a43740ed4047
0749708d0d2ea1a694e6469aeb6c5b285ec7a47fa58d15d24c99b93fd3c1c68a
0cce957c4d2d3fceda873fda9d1e6e713bf2a4fdcd0b53b309314c41fe6d5abd
1388ddde6330e984dfdcacd97ee590c84ddc9ada0dd38ca7cf7c171b408eb11f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
17cbd8955be64d6b9d020804303b64602a76fb1e1ecabd4497c3928a98dba46d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
27f050c61f9aedcc4397d0de890aea575adfb83ead1cfe777a9bad5160e8314c
28486ccf716b9c2cfaee71d3d379894761fc2312131acee4bdb71d639357a308
2969fa3ecdbf9382009c1cdee8ca2584611c657bba25c9bc0ee5d7f54e6b3680
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31104f9fce8dd4dedcbfc387f2bb8aa1bbbe2a0471b49416e76401e5df8e0e9d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
34159cf783ab2cf66f6e783c51da28a8a6364a1a7afd5858c9a13998b5c48c82
352281b77e440f8c176cd473e9ed5b102bf1efcd360ae2130c9b8649115cf44f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b494ec72ee3207b6a64ea04aca145e7896c9ac42390379c74978c77e6bee027
3e345291de64472288403e79f0e9ec718d44d7e44dc31c3d5048bec41d142d8a
3ebfdf049c2159e49b297a6d386703c2501643c4a14044b971636645147deb76
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46516e714e14aef3a9e91a6b0543d6e8fd399f2f7a5197ce4c1c34ce80a65c7a
46b2700db35eb798c0bf5e5e4985970e043b9355ad4e2c632a957352d8a3b91b
46f035415748083ed190c52117c6e748a342aff94fc4cafdc0c35d398ece7695
479671c1ab130d583276d46aa3565025f3a9849ea195913077abb1fd72d612f6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54f2fd717a7364aea28e73cc869b8474a461fa5ec1f92f6b8930cc2d7744ab59
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b4cc8b4df06881ba671ef97dfbac6804e5c6ad9db05254103495b3a00e9e250
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e475c14e46d1050d2e517f9fdc52844790a0989bf03da184017222715c02b0f
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
615fa6f08b869347a392b3459c9e735d4965b64187713aad6db4ad6da455c3ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65aca0ac7a083d9136028e79dc4a1ad0d8940df76584b4249cc096e66c7fc498
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a6cc948ed39f7cc5a856140982322937fdc24ee872d017de802274a845ebfc8
6a7d21041f4851f64d594dfb27f2591b8c7eb33d242e7f9c463eef3d0d1f236c
6b49f91c87827ee6adc5a811c73e6a1b493adc72a8c0a832fc4c77e80c0226ed
6b6a2af57f476a1dde6def4e516f259ace58a0b75557df8ac6b8c9da2e10558f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f64c6f81817f10bee33c71594ba9530732bd27fb289ae39687942fd5ffc480f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
795e8d81dd695e1d72ce0f1b91517bf55cd38bb8aaa0602ea36cab3d7b465bd5
7ac9608e0f3200e7c194e9988b323638060509224d154cd3eea236eb06bcb905
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
866fed2a114584ae35ddd26e7b70107aa0c7205d3905135c091931650c714579
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
942cc5b35a3bb1484a631dc6dd2640d60ecbc4f0d3562077f92d2cbf60a37e01
998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a84ae28fadb08dd651bb6972239dfb938e65be8f7e4ca76c20efaf85301ee005
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab665787f9e88b6c8fbecbdb2c673b588807978780506119e0df0f4dc63386a2
b63c93cd3409f8d42f976526faf2c9a584bc2afebeb01d3980f3f0c8b2bce867
ba49c063df3a19de12fe2d1fd98cc278408f8ad839808206192c4e4ce1c52e9e
beec2de59b5fffb51dc76169005f86244a6e3350f848e66cfc87b67126b1c404
ccb7d8c55ec9a039269c197e669221f7740b4fc8b9c569eed287195ce4e6b67c
ccc27fe1d97fa18eb9d4eac18b40b9e36480af23f7993664c165d9e5fb920ac2
cd0cbbbbd37761b2ff542244d13204005d3b455038cbc0350408d320682f8bb6
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d78168f7d30e6d8b8cea98e125e6e9a80d0bc9ab2d00750161952b9afbe79107
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4acba18ca9890f91ffb3945d31079bc2cd527ac59eefef5dfa28570c538e7a
e1de83b8d7ec973176be5d91ce8274f7e6f4b98cea725bf47932989068a6d687
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64dd008c296f82c598f2e8b56875d678f31c87fc10062d8db196d3ce078db0d
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
eaa5271bdc244627329b393cad9e6dbed8a4bbb29647a8b5b5fff82cc995f599
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f005ad9be8e7f28090ba5a8ac764060a2af02625fa54d40881ffdf57ccc5c241
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9dec9c0ebfe4cf814bc37b0fee3177fb6df635f224360d7050b8e9dea27795f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe7c69197fc25d2236fd9c4de67c46fb2707a061f49aa8dd51a65f35cfee5cd2
ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1

www.fakemail.net Open in urlscan Pro 149.56.134.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

97 %HTTPS

0 %IPv6

13 Domains

17 Subdomains

16 IPs

3 Countries

1700 kBTransfer

4404 kBSize

14 Cookies

8 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fakemail.net Open in urlscan Pro
149.56.134.162 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

97 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

1700 kB
Transfer

4404 kB
Size

14
Cookies

132 HTTP transactions
14 data transactions