ohio-pages.com Open in urlscan Pro
45.77.92.122 Public Scan

URL:
http://ohio-pages.com/
Submission: On August 16 via manual (August 16th 2021, 7:56:05 pm UTC) from US

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 11 domains to perform 100 HTTP transactions. The main IP is 45.77.92.122, located in Miami, United States and belongs to AS-CHOOPA, US. The main domain is ohio-pages.com.

This is the only time ohio-pages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	45.77.92.122 45.77.92.122	20473 (AS-CHOOPA) (AS-CHOOPA)
12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
100	22

16 45.77.92.122 (Miami, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.77.92.122.vultr.com

ohio-pages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	475 KB
19	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	156 KB
16	ohio-pages.com ohio-pages.com	393 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	151 KB
8	google.com 2 redirects adservice.google.com www.google.com	978 B
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	googletagservices.com www.googletagservices.com	176 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	google.de adservice.google.de	409 B
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	googleadservices.com partner.googleadservices.com	657 B
100	11

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	ohio-pages.com	ohio-pages.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ohio-pages.com www.googletagservices.com
12	pagead2.googlesyndication.com	ohio-pages.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	mc.yandex.com	2 redirects ohio-pages.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	static.doubleclick.net	googleads.g.doubleclick.net
3	fonts.googleapis.com	ohio-pages.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	mc.yandex.ru	1 redirects ohio-pages.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
100	15

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://ohio-pages.com/
Frame ID: 5DEADA8BE67520FBDC01BA9C8DBB9DEC
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 2F94166B985D53D486E8AC9D1C2132D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&adk=1812271804&adf=3025194257&lmt=1629143749&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fohio-pages.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1629143748983&bpp=5&bdt=244&idt=56&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3953490637468&frm=20&pv=2&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=70
Frame ID: 38D75EFFB1151118637A2D51797EE6A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&slotname=8990648213&adk=3648871872&adf=2372086818&pi=t.ma~as.8990648213&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1629143748988&bpp=10&bdt=249&idt=73&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=77GQLhceNs&p=http%3A//ohio-pages.com&dtd=76
Frame ID: 4D7F629C7E4C0AF0CFB6F0C34AFD3E9A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8
Frame ID: CE06668EAF71AB3058E8F972A3C52D95
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1629963129&adf=3210937104&pi=t.aa~a.2588343000~rp.1&w=1112&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1112x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CoI8iWAbXk&p=http%3A//ohio-pages.com&dtd=10
Frame ID: 3D3D3A5CBAA55E6BE3130E041E35C421
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Frame ID: 1ACB30C241B901E5EC95323DABDE6E07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 31F877B2CD5427CE84801631AAC26A6D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 608AC1D6EADBEA8B38947BADB77B389C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D775B3B55F2363FA903905D03CD05035
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: A07E940ABFB0291DBC54DEB6AC240FF7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Frame ID: 601FAAC756FD8A51F4104BA857BB68AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 99642C6C488C7BFF97D7928F4A1394C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A822FA1132F6ABFAD14F3F04F343EE8B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDFAF03B5D8A0B49F80A78DC47381911
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

100
Requests

79 %
HTTPS

90 %
IPv6

11
Domains

15
Subdomains

22
IPs

3
Countries

1428 kB
Transfer

3043 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9367.JUH5u_BI08naZeU8EXB-xRiM-v86gB183HDkNeqYGviiAabIjOtxXhsvYRRN47Lp.m9vICp8nDJZdBISTDVuFCVt5aqA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9367.45GicZwa5uaQ_goJUrtbe3t85dhg9xxQn2SYeQBUIP1zNQ5_hz6R9nz7S_h9tJJZveee0nw7Wsii6EMxC6wS7A%2C%2C.r1-j1W_HzFc3OUIG7knHKdsi8_o%2C

Request Chain 46

https://mc.yandex.com/watch/54190162?wmode=7&page-url=http%3A%2F%2Fohio-pages.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A625%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1422304100177%3Ahid%3A668722952%3Az%3A120%3Ai%3A20210816215549%3Aet%3A1629143749%3Ac%3A1%3Arn%3A409719313%3Au%3A1629143749591369985%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629143748418%3Ads%3A13%2C5%2C298%2C1%2C0%2C0%2C%2C462%2C1%2C%2C%2C%2C783%3Adsn%3A12%2C5%2C297%2C1%2C0%2C0%2C%2C465%2C0%2C%2C%2C%2C784%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629143750%3At%3ADirectory%20of%20all%20companies%20of%20Ohio%2C%20USA HTTP 302
https://mc.yandex.com/watch/54190162/1?wmode=7&page-url=http%3A%2F%2Fohio-pages.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A625%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1422304100177%3Ahid%3A668722952%3Az%3A120%3Ai%3A20210816215549%3Aet%3A1629143749%3Ac%3A1%3Arn%3A409719313%3Au%3A1629143749591369985%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629143748418%3Ads%3A13%2C5%2C298%2C1%2C0%2C0%2C%2C462%2C1%2C%2C%2C%2C783%3Adsn%3A12%2C5%2C297%2C1%2C0%2C0%2C%2C465%2C0%2C%2C%2C%2C784%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629143750%3At%3ADirectory%20of%20all%20companies%20of%20Ohio%2C%20USA

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

100 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
ohio-pages.com/ 48 KB
6 KB 316ms
298ms Document
text/html 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

f29da91eb4b01d4f02a975fefc3c2b8e536dd4c4f1cf46494f2ba20338f93cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: ohio-pages.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Mon, 16 Aug 2021 19:55:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-UA-Compatible: IE=edge
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
ohio-pages.com/css/ 77 KB
15 KB 130ms
128ms Stylesheet
text/css 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

http://ohio-pages.com/css/main.css

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

6fcb80c2f7da62ab86aff7ddb9f600c89a04c48f8ea4bbf9465b20ff4be0ee4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:17:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Tue, 16 Aug 2022 19:55:48 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076465e4f42950c02914a0959bc60c6b599f932f67af5984b6e9fcbb7a28a7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 16 Aug 2021 19:55:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10270354377039586025
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49879
X-XSS-Protection: 0
Expires: Mon, 16 Aug 2021 19:55:48 GMT

GET
H/1.1 200
OK main.js Show response
ohio-pages.com/js/ 102 KB
36 KB 234ms
227ms Script
application/javascript 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

http://ohio-pages.com/js/main.js

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

ac0927e9e6c9f1b26c87f3ad4c1317b0dfa4543877fc82beb77e5eb4aaad6299

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:17:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Tue, 16 Aug 2022 19:55:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 2F94 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 21:06:33 GMT
expires: Sun, 29 Aug 2021 21:06:33 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 82155
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
94 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8999984850952140&plah=ohio-pages.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 19:55:48 GMT

GET
H/1.1 200
OK 404604.jpg
ohio-pages.com/img/companies/40/404/4046/40460/ 61 KB
61 KB 123ms
122ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/404/4046/40460/404604.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

12954dfcef5b989606e2f6af59e06729ae294f75808baf76d030b20b584ae2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:33:39 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 62093
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 399869.jpg
ohio-pages.com/img/companies/39/399/3998/39986/ 25 KB
25 KB 251ms
243ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/39/399/3998/39986/399869.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

8c8e7e5c3062e4163d1cd57bac773352ca5aa8251803d59e0ef4fbf9997c6372

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:25:37 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 25769
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 397298.jpg
ohio-pages.com/img/companies/39/397/3972/39729/ 6 KB
7 KB 252ms
244ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/39/397/3972/39729/397298.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

ccfb41f0e22eeb691e08860cfd6a60527b12e9ca4800d043fdc915f63a733302

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:21:17 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6511
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 408551.jpg
ohio-pages.com/img/companies/40/408/4085/40855/ 35 KB
36 KB 245ms
237ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/408/4085/40855/408551.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

4d5ff36dae5a7f484074ad1477214eed2bbefeec7212e016fa798458dff88668

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:40:35 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 36037
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 409500.jpg
ohio-pages.com/img/companies/40/409/4095/40950/ 19 KB
20 KB 302ms
115ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/409/4095/40950/409500.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

3870f6bc71e11372205be748fd6680edeb3a870b9ed0947e502fccd0d06c1acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:41:51 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 19676
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 410644.jpg
ohio-pages.com/img/companies/41/410/4106/41064/ 44 KB
44 KB 125ms
124ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/41/410/4106/41064/410644.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

89c4d116031c259eb25705c8d9ef3b5b8caf6c17dbb5776703b2740f44e34709

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:43:49 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 44644
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 411606.jpg
ohio-pages.com/img/companies/41/411/4116/41160/ 21 KB
21 KB 115ms
114ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/41/411/4116/41160/411606.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

c40c1e474273c8a9c8bfe52a925f6b4d9a437195f8c4a5367666febc83fc48b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:45:28 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 21658
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 409391.jpg
ohio-pages.com/img/companies/40/409/4093/40939/ 11 KB
12 KB 123ms
123ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/409/4093/40939/409391.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

b3fc84f3ff000a2cd38479ec42583252c986ec54d381684f86e37fe7eb173ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:41:43 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 11445
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 403118.jpg
ohio-pages.com/img/companies/40/403/4031/40311/ 11 KB
11 KB 119ms
119ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/403/4031/40311/403118.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

f881923e161f7af866963e8619fb78d354db785c527b040ece5514ef451281a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA; _ym_uid=1629143749591369985; _ym_d=1629143749; _ym_isad=2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:31:33 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 11370
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 404924.jpg
ohio-pages.com/img/companies/40/404/4049/40492/ 16 KB
16 KB 117ms
116ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/404/4049/40492/404924.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

9dbeeeb066231533bae19f24ee27620b4cde6d386ae20ee8c8c24c362a1a7362

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA; _ym_uid=1629143749591369985; _ym_d=1629143749; _ym_isad=2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:34:13 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 16528
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 401286.jpg
ohio-pages.com/img/companies/40/401/4012/40128/ 32 KB
32 KB 126ms
125ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/401/4012/40128/401286.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

ff72ceb91de38af8bf60746c572077e24e31b2ec416cce001d6270f736ada93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA; _ym_uid=1629143749591369985; _ym_d=1629143749; _ym_isad=2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:28:14 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 32473
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK 401560.jpg
ohio-pages.com/img/companies/40/401/4015/40156/ 7 KB
7 KB 128ms
128ms Image
image/jpeg 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ohio-pages.com/img/companies/40/401/4015/40156/401560.jpg

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

40b828115d9614c503cfc440ce3495ff3546452f5e762611e761c1f59f4ce518

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ohio-pages.com/
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1; __gads=ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA; _ym_uid=1629143749591369985; _ym_d=1629143749; _ym_isad=2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:28:39 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 7199
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
ohio-pages.com/webfonts/ 44 KB
44 KB 252ms
247ms Font
application/font-woff2 45.77.92.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

http://ohio-pages.com/webfonts/fa-solid-900.woff2

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/css/main.css

Protocol

HTTP/1.1

Server

45.77.92.122 Miami, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.77.92.122.vultr.com

Software

nginx /

Resource Hash

7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: http://ohio-pages.com
Accept-Encoding: gzip, deflate
Host: ohio-pages.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ohio-pages.com/css/main.css
Cookie: PHPSESSID=80orvvg1dtatmlsv0al9m5d3u1
Connection: keep-alive
Cache-Control: no-cache
Origin: http://ohio-pages.com
Referer: http://ohio-pages.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 17:17:57 GMT
Server: nginx
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 45132
Expires: Wed, 15 Sep 2021 19:55:49 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
657 B 50ms
28ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ohio-pages.com&callback=_gfp_s_&client=ca-pub-8999984850952140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8999984850952140&plah=ohio-pages.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

537667629e739afb24908b0119998b67bd86f91b6b259df058da42dcf714505e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ohio-pages.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ohio-pages.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38D7 86 KB
28 KB 295ms
294ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&adk=1812271804&adf=3025194257&lmt=1629143749&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fohio-pages.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1629143748983&bpp=5&bdt=244&idt=56&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3953490637468&frm=20&pv=2&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=70

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eca339eb0eeff49ad709e990b67d6faf5498a5b7c6c1caa1b58af8dd1b3ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8999984850952140&output=html&adk=1812271804&adf=3025194257&lmt=1629143749&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fohio-pages.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1629143748983&bpp=5&bdt=244&idt=56&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3953490637468&frm=20&pv=2&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=70
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 19:55:49 GMT
server: cafe
content-length: 29030
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 20:10:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 19:55:49 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D7F 80 KB
26 KB 406ms
406ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&slotname=8990648213&adk=3648871872&adf=2372086818&pi=t.ma~as.8990648213&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1629143748988&bpp=10&bdt=249&idt=73&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=77GQLhceNs&p=http%3A//ohio-pages.com&dtd=76

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070f8600d1bdd18dd7ae0266730d0f01ddd3aeeb4e32ece65ede7d1bcedcc919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&slotname=8990648213&adk=3648871872&adf=2372086818&pi=t.ma~as.8990648213&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1629143748988&bpp=10&bdt=249&idt=73&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=77GQLhceNs&p=http%3A//ohio-pages.com&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 19:55:49 GMT
server: cafe
content-length: 27101
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 20:10:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 19:55:49 GMT
cache-control: private

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/js/main.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c81231f5886b450055dbf66f67b61d7db069c03a4a1b82d5e149a1abb513877c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 19:55:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Aug 2021 19:55:49 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 225 KB
72 KB 48ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: br
last-modified: Thu, 12 Aug 2021 09:51:50 GMT
etag: "611112b5-11dd4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Mon, 16 Aug 2021 20:55:49 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ohio-pages.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:44:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Aug 2021 00:22:57 GMT
Server: sffe
Age: 587455
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14992
X-XSS-Protection: 0
Expires: Wed, 10 Aug 2022 00:44:54 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ohio-pages.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:30:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Aug 2021 00:23:25 GMT
Server: sffe
Age: 588291
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Wed, 10 Aug 2022 00:30:58 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ohio-pages.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:39:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Aug 2021 00:23:34 GMT
Server: sffe
Age: 587799
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15112
X-XSS-Protection: 0
Expires: Wed, 10 Aug 2022 00:39:10 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9367.JUH5u_BI08naZeU8EXB-xRiM-v86gB183HDkNeqYGviiAabIjOtxXhsvYRRN47Lp.m9vICp8nDJZdBISTDVuFCVt5aqA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9367.45GicZwa5uaQ_goJUrtbe3t85dhg9xxQn2SYeQBUIP1zNQ5_hz6R9nz7S_h9tJJZveee0nw7Wsii6EMxC6wS7A%2C%2C.r1-j1W_HzFc3OUIG7knHKdsi8_o%2C

75 B
75 B

51ms
51ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9367.45GicZwa5uaQ_goJUrtbe3t85dhg9xxQn2SYeQBUIP1zNQ5_hz6R9nz7S_h9tJJZveee0nw7Wsii6EMxC6wS7A%2C%2C.r1-j1W_HzFc3OUIG7knHKdsi8_o%2C

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9367.45GicZwa5uaQ_goJUrtbe3t85dhg9xxQn2SYeQBUIP1zNQ5_hz6R9nz7S_h9tJJZveee0nw7Wsii6EMxC6wS7A%2C%2C.r1-j1W_HzFc3OUIG7knHKdsi8_o%2C
date: Mon, 16 Aug 2021 19:55:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
111 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
last-modified: Thu, 12 Aug 2021 09:51:50 GMT
etag: "611112b5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 20:55:49 GMT

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 145 KB
52 KB 412ms
411ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8098ca7913e9596af5cd8f3f5547ab95dd70c8020a7f159db715aa66a5c9f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53275
x-xss-protection: 0
server: cafe
etag: 6303077415426690211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ohio-pages.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ohio-pages.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE06 100 KB
30 KB 435ms
435ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e47250d318153eb69361546532d5d4606fed13b8859b830c478c90432812c0f3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMKy47OptvICFYlo4Aodw8oNpw&gqi=xcIaYefvGNTt3wPAlLOoDA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMKy47OptvICFYlo4Aodw8oNpw&gqi=xcIaYefvGNTt3wPAlLOoDA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 19:55:49 GMT
server: cafe
content-length: 30223
x-xss-protection: 0
set-cookie: IDE=AHWqTUmJRSoJyQmtOhYspW1vsTMUHTNltcxTvNOs15qSoR-T9cZkqcwKjDWaCuEYiR0; expires=Sat, 10-Sep-2022 19:55:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 19:55:49 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D3D 79 KB
26 KB 725ms
725ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1629963129&adf=3210937104&pi=t.aa~a.2588343000~rp.1&w=1112&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1112x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CoI8iWAbXk&p=http%3A//ohio-pages.com&dtd=10

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d63a2a3738bb205a6fcf780ca5e6043584c54c5a7f037a4a4cf581979a8259f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1629963129&adf=3210937104&pi=t.aa~a.2588343000~rp.1&w=1112&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1112x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CoI8iWAbXk&p=http%3A//ohio-pages.com&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 19:55:50 GMT
server: cafe
content-length: 26835
x-xss-protection: 0
set-cookie: IDE=AHWqTUlmzGSzpHVgVRYZBZWIZuiahRHrz1gFQpnr8ryNsMaOMBKLf9CG5BFwL9VY_xs; expires=Sat, 10-Sep-2022 19:55:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 19:55:50 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 4D7F 3 KB
687 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&slotname=8990648213&adk=3648871872&adf=2372086818&pi=t.ma~as.8990648213&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1629143748988&bpp=10&bdt=249&idt=73&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=77GQLhceNs&p=http%3A//ohio-pages.com&dtd=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 19:39:04 GMT
server: ESF
date: Mon, 16 Aug 2021 19:55:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 4D7F 1 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:34:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 4D7F 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 4D7F 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D7F 124 KB
37 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 4D7F 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:25 GMT

GET
H2 200 b0784018e1fbf9b21026a03ef4bd1046.js Show response
www.gstatic.com/mysidia/ Frame 4D7F 26 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b0784018e1fbf9b21026a03ef4bd1046.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 18:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:04:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 18:50:12 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7F 0
0 33ms
31ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVM_XxcIaYcrxBNnBx_AP_7O-uAncq5_mY4uI1NicDtGsrJukKBABIOaAmQxglQKgAfO5-dgDyAEJqAMByAPLBKoEzgFP0D946onCLewhxs46NEus8FJSPqFNEp9BiVLndvoWZMbDO4n_07uAKsZd8WHf9dppDDI6yZpcGPbxwgxGXlulKSoHIz2ssbUCBc99mMeUdPXhr_5o4SZYpZgl_PC9KCuOKf-5myybRu0eQfYJ4lRsBoLLqES7ipbZHL2-IicdE561MjOhj4nJY9uYDFNzGFGaPF_d3ycf7gAfZpHlXvwR6GptVsUciY1ZuT8wmygUhso7qK5bThYXNtKx-B0io6-oeYRM275xOZT2uMcFYcAEgsW1gdwDoAYugAf1xYYnqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJLZA9IICQiA4YBwEAEYH4AKAcgLAbgTiCfYEwOIFALQFQGAFwGyFxwKGggAEhRwdWItODk5OTk4NDg1MDk1MjE0MBgA&sigh=t2wcrcW8jYE&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&slotname=8990648213&adk=3648871872&adf=2372086818&pi=t.ma~as.8990648213&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1629143748988&bpp=10&bdt=249&idt=73&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=77GQLhceNs&p=http%3A//ohio-pages.com&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 19:55:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7019320172655065396/ Frame 4D7F 25 KB
25 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7019320172655065396/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185166debcb00ca384616afd43643107a5fd2600953c304991a340d64615976b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:24:45 GMT
x-content-type-options: nosniff
age: 84664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25576
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 04:32:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 20:24:45 GMT

GET
DATA 200
OK truncated
/ Frame 4D7F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

1 Show response
mc.yandex.com/watch/54190162/
Redirect Chain

https://mc.yandex.com/watch/54190162?wmode=7&page-url=http%3A%2F%2Fohio-pages.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A625%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/54190162/1?wmode=7&page-url=http%3A%2F%2Fohio-pages.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A625%3Afu%3A0%3Aen%3Autf-8%3Ala%...

335 B
448 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54190162/1?wmode=7&page-url=http%3A%2F%2Fohio-pages.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A625%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1422304100177%3Ahid%3A668722952%3Az%3A120%3Ai%3A20210816215549%3Aet%3A1629143749%3Ac%3A1%3Arn%3A409719313%3Au%3A1629143749591369985%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629143748418%3Ads%3A13%2C5%2C298%2C1%2C0%2C0%2C%2C462%2C1%2C%2C%2C%2C783%3Adsn%3A12%2C5%2C297%2C1%2C0%2C0%2C%2C465%2C0%2C%2C%2C%2C784%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629143750%3At%3ADirectory%20of%20all%20companies%20of%20Ohio%2C%20USA

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e2c1c2c296cc9eca9d8d076175453834ac65f94924c166bc17ec73ecb8c388c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 19:55:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 16-Aug-2021 19:55:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ohio-pages.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Mon, 16-Aug-2021 19:55:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 19:55:49 GMT
last-modified: Mon, 16-Aug-2021 19:55:49 GMT
location: /watch/54190162/1?wmode=7&page-url=http%3A%2F%2Fohio-pages.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A625%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1422304100177%3Ahid%3A668722952%3Az%3A120%3Ai%3A20210816215549%3Aet%3A1629143749%3Ac%3A1%3Arn%3A409719313%3Au%3A1629143749591369985%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629143748418%3Ads%3A13%2C5%2C298%2C1%2C0%2C0%2C%2C462%2C1%2C%2C%2C%2C783%3Adsn%3A12%2C5%2C297%2C1%2C0%2C0%2C%2C465%2C0%2C%2C%2C%2C784%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629143750%3At%3ADirectory%20of%20all%20companies%20of%20Ohio%2C%20USA
strict-transport-security: max-age=31536000
access-control-allow-origin: http://ohio-pages.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 16-Aug-2021 19:55:49 GMT

GET
DATA 200
OK truncated
/ Frame 4D7F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4138f41d5ba79b62a7db10963c8654d40abd898b4118a5302cf653f55798977d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 4D7F 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:01:32 GMT
x-content-type-options: nosniff
age: 503657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:01:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 00:01:32 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 4D7F 21 KB
21 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:01:15 GMT
x-content-type-options: nosniff
age: 503674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:00:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 00:01:15 GMT

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame 1ACB 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 20:29:49 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ohio-pages.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ohio-pages.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/ Frame 31F8 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUld_bXMXMgH9xkaBpdEy_eAMChiDW-dbZRlZ7Ta_Z6diYk7h-jR2yw3nCZp_z8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 21:06:34 GMT
expires: Sun, 29 Aug 2021 21:06:34 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 82155
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 31F8 0
0 30ms
29ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmjj1xcIaYcOcBL6Ex_AP3MmMsAWSwbW2ZPryu52kDgoQASDmgJkMYJUCoAGeuKSdA8gBAqgDAcgDyQSqBL4BT9D1aN5Cl10oxPoeIhhZ38eNrY4duZ4BISBhHc6a355xWKQxpT_WsCuunoSoMEeTrxBCAqfTPjiA2BhIstqmdBVsxOOi8QRrZC0Qsrg8dzjZYlmZBVFGGubjYAikGSW0j4fDDKt-aaKq6G9RPQdFirVhRJziD97IsfR1fCNtXZ0g394jEBCww6dXVKA_TGLc0MYOktR2ZH3BPiVdnrsCxOAFtAJ36Gz8H_0joNgLe6tlJGhOcfLVQx07JVhaysAEyJH6u9MDkgUECAQYAZIFBAgFGASgBgKAB8rH22KoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQsoM_0ggJCIDhgHAQARgfgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTg5OTk5ODQ4NTA5NTIxNDAYAA&sigh=uOIXF3J3J9M

Requested by

Host: ohio-pages.com
URL: http://ohio-pages.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 19:55:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 31F8 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 31F8 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31F8 124 KB
37 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 31F8 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:25 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 31F8 26 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 8915488205478863544
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:35:17 GMT

GET
H3-29 200 12169131203504624825
tpc.googlesyndication.com/simgad/ Frame 31F8 16 KB
16 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12169131203504624825?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnkjj2aVW8URFto_7x4_GYYpykMZA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e90718dd61191ce49eb412eca695f3acad86e2d8a9e5fa1e4cf3f11c4a36cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 12:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 16:22:19 GMT
server: sffe
age: 198188
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16652
x-xss-protection: 0
expires: Sun, 14 Aug 2022 12:52:41 GMT

GET
H3-29 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CE06 84 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 17 Aug 2021 01:32:49 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 608A 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmJRSoJyQmtOhYspW1vsTMUHTNltcxTvNOs15qSoR-T9cZkqcwKjDWaCuEYiR0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 16 Aug 2021 19:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame CE06 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame CE06 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE06 124 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame CE06 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CE06 0
0 17ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgy4OKT4WsOL5OSiALYM3UOqWBSOlXPXCKPvwt11bkWBQmPQT9hPSMNeR2QHA07pvAotmm
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 6020893055269765648_18252258756446697145.png
static.doubleclick.net/dynamic/5/271519545/ Frame CE06 8 KB
8 KB 9ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/271519545/6020893055269765648_18252258756446697145.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b38d96014cfb4d2eacf93fd964104d51904f096204c6a600a4961ac990a45943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 08:58:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Aug 2021 05:36:24 GMT
server: sffe
age: 39444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8379
x-xss-protection: 0
expires: Tue, 16 Aug 2022 08:58:25 GMT

GET
H2 200 11560671555526112228_16983462233706628415.png
static.doubleclick.net/dynamic/5/271519545/ Frame CE06 12 KB
12 KB 9ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/271519545/11560671555526112228_16983462233706628415.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f808bde08204c4ea95c0cb50211919486211dfbd7bfdc39ce70b011cb5ce8a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 07:28:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 05:36:43 GMT
server: sffe
age: 476833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12539
x-xss-protection: 0
expires: Thu, 11 Aug 2022 07:28:36 GMT

GET
H2 200 15598201765907571033_7855352108183614754.png
static.doubleclick.net/dynamic/5/271519545/ Frame CE06 3 KB
3 KB 88ms
87ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/271519545/15598201765907571033_7855352108183614754.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21a3da6c6aba7f7f4c57b2f688479340e675b147ed930b0670201ad02f49dc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 05:37:13 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3056
x-xss-protection: 0
expires: Tue, 16 Aug 2022 19:55:49 GMT

GET
H2 200 12942553734026879270_10088628365030918708.png
static.doubleclick.net/dynamic/5/271519545/ Frame CE06 12 KB
12 KB 13ms
12ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/271519545/12942553734026879270_10088628365030918708.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a5c911ad4a2cd0c266525f6a0abfb6a5b706a27bce565b8ed10287bfc0c13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:40:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 09:04:29 GMT
server: sffe
age: 558915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12110
x-xss-protection: 0
expires: Wed, 10 Aug 2022 08:40:34 GMT

GET
H3-29 200 13334455873386141521
tpc.googlesyndication.com/simgad/ Frame CE06 9 KB
9 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13334455873386141521

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b503c9d547827b48de4dc23fc066226bb47d73fc6b4258377cc4fb83988f6992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 23:15:48 GMT
x-content-type-options: nosniff
age: 506401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
last-modified: Tue, 17 Nov 2020 00:52:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 23:15:48 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE06 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEur2xcIaYYK8GYnRgQfDlbe4Cr3EmpJk0rbjkPIMvcCf4N0aEAEg5oCZDGCVAqAB8IWj2QPIAQmoAwHIA8sEqgTGAU_QUzlRM6nJb_o9tWtThWZwM13P4hyz3Vl-pwTXBWNAc5mi8OfvUTZfPySOqRxpqyTPhOQU5mjmKzQz_Bz0heFh67wu3g9MfdAoHODDHCXk0EaGeICsOBuARwGiqXFTisagYcP0iHFsxY0A2R-dEv7dl6dC6eIuARUlMus1upVVROVyL2_U2n3kAeaeow96H0PDLcIfcBlE6QQvJjPjtxW7_Mi2IoBpqdHCt1wewXGMFGJ90-Y9o29ubro6FUNKoRy47f5Am8AEtOLKnLwDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_j53CaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELDbCNIICQiA4YBwEAEYH4AKAcgLAdgTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04OTk5OTg0ODUwOTUyMTQwGAA&sigh=4nBQvIyqg5g&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 19:55:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D775 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmJRSoJyQmtOhYspW1vsTMUHTNltcxTvNOs15qSoR-T9cZkqcwKjDWaCuEYiR0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.2174288016~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MdivwoPfrT&p=http%3A//ohio-pages.com&dtd=8

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 16 Aug 2021 19:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 31F8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 098549821422d0c20046f94d7d29afaef8549ba6133cb8f15938c57ef660b105

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CE06 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d754905e9858a3a4eadaf7a6fac2168deaf6eb522cb1fc76a1c9e544c036bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 608A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

42ms
40ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmJRSoJyQmtOhYspW1vsTMUHTNltcxTvNOs15qSoR-T9cZkqcwKjDWaCuEYiR0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 16 Aug 2021 19:55:50 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 16-Aug-2021 20:55:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 19:55:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 16 Aug 2021 19:55:50 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A07E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 515416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 20:45:33 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D775
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
39ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmJRSoJyQmtOhYspW1vsTMUHTNltcxTvNOs15qSoR-T9cZkqcwKjDWaCuEYiR0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 16 Aug 2021 19:55:50 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 16-Aug-2021 20:55:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 19:55:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 16 Aug 2021 19:55:50 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame 601F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 20:29:49 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3D3D 3 KB
578 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1629963129&adf=3210937104&pi=t.aa~a.2588343000~rp.1&w=1112&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1112x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CoI8iWAbXk&p=http%3A//ohio-pages.com&dtd=10

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 19:39:32 GMT
server: ESF
date: Mon, 16 Aug 2021 19:55:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 19:55:50 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 3D3D 1 KB
857 B 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:34:10 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 3D3D 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 3D3D 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D3D 124 KB
37 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:50 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 3D3D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:32:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3D3D 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwMrk2zEq3coI_BMCF0XC-RAQ4d7TtRFmZuZ_RvuE67vOkVjqJoBnsFB7AwWW27PmzyEAG
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1629963129&adf=3210937104&pi=t.aa~a.2588343000~rp.1&w=1112&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1112x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CoI8iWAbXk&p=http%3A//ohio-pages.com&dtd=10
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 b0784018e1fbf9b21026a03ef4bd1046.js Show response
www.gstatic.com/mysidia/ Frame 3D3D 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b0784018e1fbf9b21026a03ef4bd1046.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 18:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:04:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 18:50:12 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6620186126669704024/ Frame 3D3D 43 KB
43 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6620186126669704024/downsize_200k_v1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae712a616928caed4e5df7aed443eb20908b4d2ad40ad4ed7caede85ff3b36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 16:49:29 GMT
x-content-type-options: nosniff
age: 97581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44231
x-xss-protection: 0
last-modified: Wed, 06 May 2020 19:03:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 16:49:29 GMT

GET
DATA 200
OK truncated
/ Frame 3D3D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3D3D 0
0 32ms
30ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8UezxcIaYbvYGdqi7gPkjKXAAfLNxJFk9M7csv8LkffH94MCEAEg5oCZDGCVAqABkK-AiQPIAQmoAwHIA8sEqgTBAU_QpxRxTNDLtnHYGMuNV41zn8gdIytISySG_aaHKn4W1x_MpbWpfXANWPnbcVSf9opSbAbNNEYabAT0B7gPIh5Y1ndMTwrbSQxXmWjDIp15f7NMHfVhstbVHfriw9r9hpxvfwFE34PRaPOrC6s_rynmkNdeCTJgBwubthLKDsALx-U6vmw1Z_yZ7HFFzXDOq2VYYm7INhwDKcFyR__5hhiao_Bbu2_zYitAxfr1NMvKXIibX-62bTpCfuCQp5DXVc_ABObbrYf0ApIFBAgEGAGSBQQIBRgEoAYugAfY0P92qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJXIBdIICQiA4YBwEAEYH4AKAcgLAbgTiCfYEw2IFATQFQGAFwGyFxwKGggAEhRwdWItODk5OTk4NDg1MDk1MjE0MBgA&sigh=IWPP9GT4JMg&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&adk=1629963129&adf=3210937104&pi=t.aa~a.2588343000~rp.1&w=1112&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&to=qs&pwprc=8077456283&psa=0&format=1112x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1629143749393&bpp=1&bdt=654&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4395122741eaaf63-22be2783adc90058%3AT%3D1629143749%3ART%3D1629143749%3AS%3DALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CoI8iWAbXk&p=http%3A//ohio-pages.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 19:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3D3D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cf386e7b3acf7535e4619924014614460cb89a11285735a9cec3a63151d503a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 3D3D 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:01:32 GMT
x-content-type-options: nosniff
age: 503658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:01:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 00:01:32 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 3D3D 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:01:15 GMT
x-content-type-options: nosniff
age: 503675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:00:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 00:01:15 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
24ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffbf6d6e1f3c6fba4fc043b146a3890d74042137be0d9e99a68fd592904bcc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 19:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8516
x-xss-protection: 0

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9964 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 515417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 20:45:33 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:55:50 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A822 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 16 Aug 2021 17:09:25 GMT
expires: Tue, 16 Aug 2022 17:09:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDFA 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39a0d9891b31f8b6c14d1fe8b7d11dd80a83288a3258b70a4c47856dfdee191d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-frKCX627APhRl1ZLw/bY4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ohio-pages.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ohio-pages.com/

Response headers

expires: Mon, 16 Aug 2021 19:55:50 GMT
date: Mon, 16 Aug 2021 19:55:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-frKCX627APhRl1ZLw/bY4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame A822 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 20:29:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=978370768307217&bg=!YmGlYSXNAAbOj6irzo87ACkAdvg8WiyCpJiI9-LNkfPCEo5Lt4z5W8QJHudDjXkhWOecUPRpbqhg-wIAAABPUgAAAApoAQcKARCmaPcl9a_6bdEYY8EO87JW3NoClJZ8YnnD0P4bvD7L3BOaOkTVbGZyGYL2yeRUnNuYMw_VVRwQLWDtOY6pONnF9t-NKtlyaE8gZqFHrrW-QiVZWgo7FSz42Dqgdq4Ey652aAO3s9UUWhBMt64Nlo2k-5rm1Ub1h6nWMfc_ITlSQb3CElhkPVKUTspI63U5sQTlRAJp3VRYNd2HDakJ-gTcResbSi6xl9243wbR7e7H63n9IL8qwUgpmPpicObTjO1mrlqQMGv5jgIs039uNmuJKcbuwv20yvC5Ck5w2UGVkYFhSxYznlvCYRfrVk6yNzHlQN2KvUa1oNuVaYh37mEyac-xlV2liznToW_5Gy3q-JkCgnDyG5WwwQ4XdzvZLbMxaHsa88KSmM5T8pz_tm09Nrj8KZQSML6yIlMft3w1j5x9pf7BzjlTWsWXXRA5NhYqbJ86Yzk9BINZmSEwcjwdZpCFb13s3XgXBzN9Zmrg8r96v2P0PRXwdopKTH448szpsUVa02pNrBLRIcxM76mKrD8T3Wsn7sE4Q32gbv1atnoajVftj16vLYETf1jZFWUDQ8lRx63bUFUMAu7v_QjwQHZupIQs94Ck0JL4e-YRPzTbl1FDFr5ncO5VS_LJot9ZpD9dDcu57y0yT6qnv7Tes2ZQr_ueqIiZ10W8TcgVhuL9QzQQONA3j2mwi2ZCF-FUJ5Ef6yH1sDawIpqw3IdMGEAClRgvlTnX5n0ew--bXbjoCmLMpgjzV-uGPp4QIGx3p5GKN7fBMBFpy6VnhNSaCkMVowB22J-4xlWUuNE4MF-hfz_kcgB-UL7Cp-oQvusBjFqNpn1bB_VBla_fDSHCYu70q2YAsrXlxtCZHMJQfM0qOEo_MC6SAiTzyVgQpQJB52fJU-s0Uom-iH4wVRHgpFMfvtLjwKLlarAZQZKoJbgjmQW1m50GdtAD4KLaQqtIE9RDHBEsFPf1PHG62Rim_qc9jR5Pe1kkuLM-H9EsaHXHxeVtoNxogWZ9cuRqeCvup-1yCr-C8OnVn1bhsWjAo8doA0mT6DxXd-xHiFFd028I648Ok8EgY-AHFw8rUl6s-ILi3Q2StPXFV3W_Ms1-qTtHYY8YE1vyhWYjlNnp1vwSZoBWuYRlRdrqg35bo80TnZWktMuKXrkC3xJgnbwhfM_4yxW-orzfS9IACQ45hW57BFbCzDu5MJR706YU96HdoIAoMg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ohio-pages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 19:55:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7F 0
0 32ms
31ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C800ixcIaYcrxBNnBx_AP_7O-uAncq5_mY4uI1NicDtGsrJukKBABIOaAmQxglQKgAfO5-dgDyAEJqAMBqgTOAU_QP3jqicIt7CHGzjo0S6zwUlI-oU0Sn0GJUud2-hZkxsM7if_Tu4Aqxl3xYd_12mkMMjrJmlwY9vHCDEZeW6UpKgcjPayxtQIFz32Yx5R09eGv_mjhJlilmCX88L0oK44p_7mbLJtG7R5B9gniVGwGgsuoRLuKltkcvb4iJx0TnrUyM6GPiclj25gMU3MYUZo8X93fJx_uAB9mkeVe_BHoam1WxRyJjVm5PzCbKBSGyjuorltOFhc20rH4HSKjr6h5hEzbvnE5lPa4xwVhwASCxbWB3AOgBi6AB_XFhieoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQktkD0ggJCIDhgHAQARgfgAoByAsBuBOIJ9gTA4gUAtAVAYAXAbIXHAoaCAASFHB1Yi04OTk5OTg0ODUwOTUyMTQwGAA&sigh=ntbi8lV_flI&vt=1&template_id=5000

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8999984850952140&output=html&h=280&slotname=8990648213&adk=3648871872&adf=2372086818&pi=t.ma~as.8990648213&w=1200&fwrn=4&fwrnh=100&lmt=1629143749&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fohio-pages.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1629143748988&bpp=10&bdt=249&idt=73&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3953490637468&frm=20&pv=1&ga_vid=187238122.1629143749&ga_sid=1629143749&ga_hid=1434860634&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747621%2C20211866%2C31062297&oid=3&pvsid=978370768307217&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=77GQLhceNs&p=http%3A//ohio-pages.com&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 19:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D7F 42 B
64 B 30ms
29ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6LqJ5_PB5zm7HYzeoQvDqfOMovSEpa3dlnuFDEBI45KG6aCiYn2BonP8Hy475SJ67mWJmCreZV09QNCgSGPGkQdQyHv8NdBt1H9p9C158PtxGTyaLKbQAoNNavA&sai=AMfl-YT_jCtL0zsLwU2x7xv9oNYv82HeroKllP71Nl9rUgjjQZoN_fbXE9ekicDPcuypIxpC4Ei_H6TVOJZ7&sig=Cg0ArKJSzPx3vCDD62XsEAE&id=lidar2&mcvt=1001&p=57,200,337,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3648871872&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1629143749065&dlt=411&rpt=546&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 19:55:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 31F8 42 B
64 B 30ms
30ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgcmX9LvFGWqqi23RDTjFIJ-KLU7j76zr34xKSou-jdny0aom8yafC6hm29IciF8j_bbp5WzIxV_Mt4nsjUhWATQ2kIX3ElDnrmZ_XzQqh0lEo8lIEqFtmq-_ThQ&sai=AMfl-YQuve4R62gzfO22JnQwCyezu5EahK3qzk68wme1-GfqQwO4BLOxKqh9ZPdInyWWoGVmbmk0-XJ5Wqra&sig=Cg0ArKJSzL5aroEchculEAE&id=lidar2&mcvt=1000&p=1106,298,1230,1303&mtos=84,760,1000,1096,1229&tos=84,676,240,96,133&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629143749814&dlt=5&rpt=129&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 19:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:53:59	Name: IDE Value: AHWqTUlmzGSzpHVgVRYZBZWIZuiahRHrz1gFQpnr8ryNsMaOMBKLf9CG5BFwL9VY_xs
.doubleclick.net/	1970-01-19 20:32:27	Name: DSID Value: NO_DATA
.ohio-pages.com/	1970-01-19 20:33:35	Name: _ym_isad Value: 2
.ohio-pages.com/	1970-01-20 05:17:59	Name: _ym_d Value: 1629143749
.ohio-pages.com/	1970-01-20 05:17:59	Name: _ym_uid Value: 1629143749591369985
.ohio-pages.com/	1970-01-20 05:53:59	Name: __gads Value: ID=4395122741eaaf63-22be2783adc90058:T=1629143749:RT=1629143749:S=ALNI_Maujt6mq9g-5Jww-ImcAaxoE8kgtA
ohio-pages.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 80orvvg1dtatmlsv0al9m5d3u1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
ohio-pages.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.194
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a02:6b8::1:119
45.77.92.122
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
070f8600d1bdd18dd7ae0266730d0f01ddd3aeeb4e32ece65ede7d1bcedcc919
076465e4f42950c02914a0959bc60c6b599f932f67af5984b6e9fcbb7a28a7fe
07a5c911ad4a2cd0c266525f6a0abfb6a5b706a27bce565b8ed10287bfc0c13c
098549821422d0c20046f94d7d29afaef8549ba6133cb8f15938c57ef660b105
0d63a2a3738bb205a6fcf780ca5e6043584c54c5a7f037a4a4cf581979a8259f
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
12954dfcef5b989606e2f6af59e06729ae294f75808baf76d030b20b584ae2bf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185166debcb00ca384616afd43643107a5fd2600953c304991a340d64615976b
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
21a3da6c6aba7f7f4c57b2f688479340e675b147ed930b0670201ad02f49dc27
357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3870f6bc71e11372205be748fd6680edeb3a870b9ed0947e502fccd0d06c1acb
39a0d9891b31f8b6c14d1fe8b7d11dd80a83288a3258b70a4c47856dfdee191d
40b828115d9614c503cfc440ce3495ff3546452f5e762611e761c1f59f4ce518
4138f41d5ba79b62a7db10963c8654d40abd898b4118a5302cf653f55798977d
4cf386e7b3acf7535e4619924014614460cb89a11285735a9cec3a63151d503a
4d5ff36dae5a7f484074ad1477214eed2bbefeec7212e016fa798458dff88668
4d754905e9858a3a4eadaf7a6fac2168deaf6eb522cb1fc76a1c9e544c036bda
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
537667629e739afb24908b0119998b67bd86f91b6b259df058da42dcf714505e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6ae712a616928caed4e5df7aed443eb20908b4d2ad40ad4ed7caede85ff3b36f
6fcb80c2f7da62ab86aff7ddb9f600c89a04c48f8ea4bbf9465b20ff4be0ee4f
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
89c4d116031c259eb25705c8d9ef3b5b8caf6c17dbb5776703b2740f44e34709
8c8e7e5c3062e4163d1cd57bac773352ca5aa8251803d59e0ef4fbf9997c6372
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9dbeeeb066231533bae19f24ee27620b4cde6d386ae20ee8c8c24c362a1a7362
9eca339eb0eeff49ad709e990b67d6faf5498a5b7c6c1caa1b58af8dd1b3ee4b
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac0927e9e6c9f1b26c87f3ad4c1317b0dfa4543877fc82beb77e5eb4aaad6299
b38d96014cfb4d2eacf93fd964104d51904f096204c6a600a4961ac990a45943
b3fc84f3ff000a2cd38479ec42583252c986ec54d381684f86e37fe7eb173ae7
b503c9d547827b48de4dc23fc066226bb47d73fc6b4258377cc4fb83988f6992
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c40c1e474273c8a9c8bfe52a925f6b4d9a437195f8c4a5367666febc83fc48b1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c81231f5886b450055dbf66f67b61d7db069c03a4a1b82d5e149a1abb513877c
ccfb41f0e22eeb691e08860cfd6a60527b12e9ca4800d043fdc915f63a733302
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d1e90718dd61191ce49eb412eca695f3acad86e2d8a9e5fa1e4cf3f11c4a36cc
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
e2c1c2c296cc9eca9d8d076175453834ac65f94924c166bc17ec73ecb8c388c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47250d318153eb69361546532d5d4606fed13b8859b830c478c90432812c0f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
f29da91eb4b01d4f02a975fefc3c2b8e536dd4c4f1cf46494f2ba20338f93cf2
f808bde08204c4ea95c0cb50211919486211dfbd7bfdc39ce70b011cb5ce8a34
f8098ca7913e9596af5cd8f3f5547ab95dd70c8020a7f159db715aa66a5c9f44
f881923e161f7af866963e8619fb78d354db785c527b040ece5514ef451281a3
ff72ceb91de38af8bf60746c572077e24e31b2ec416cce001d6270f736ada93f
ffbf6d6e1f3c6fba4fc043b146a3890d74042137be0d9e99a68fd592904bcc3f

ohio-pages.com Open in urlscan Pro 45.77.92.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

100 Requests

79 %HTTPS

90 %IPv6

11 Domains

15 Subdomains

22 IPs

3 Countries

1428 kBTransfer

3043 kBSize

7 Cookies

0 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ohio-pages.com Open in urlscan Pro
45.77.92.122 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

79 %
HTTPS

90 %
IPv6

11
Domains

15
Subdomains

22
IPs

3
Countries

1428 kB
Transfer

3043 kB
Size

7
Cookies

100 HTTP transactions
6 data transactions