data.ringtun.info Open in urlscan Pro
2606:4700:3037::6815:35de Public Scan

Go To Rescan
Add Verdict Report

URL:
https://data.ringtun.info/
Submission: On March 17 via api (March 17th 2024, 1:07:31 pm UTC) from US — Scanned from US

Summary HTTP 74 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 7 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3037::6815:35de, located in United States and belongs to CLOUDFLARENET, US. The main domain is data.ringtun.info.
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.

This is the only time data.ringtun.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3037::6815:35de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
2 5	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
74	11

13 2606:4700:3037::6815:35de (United States)

ASN13335 (CLOUDFLARENET, US)

data.ringtun.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	561 KB
13	ringtun.info data.ringtun.info	168 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653 www.google.com — Cisco Umbrella Rank: 2	71 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	147 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	75 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 144
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	3 KB
74	7

	Domain	Requested by
15	pagead2.googlesyndication.com	data.ringtun.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
13	data.ringtun.info	data.ringtun.info
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
5	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	www.googleadservices.com
3	fonts.googleapis.com	data.ringtun.info googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
74	10

This site contains links to these domains. Also see Links.

Domain
mythemeshop.com

Subject Issuer	Validity	Valid
ringtun.info GTS CA 1P5	`2024-03-04` - `2024-06-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://data.ringtun.info/
Frame ID: 1BEA5FDAC032EA832E6CC85FD1B8338C
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7432570316639129&output=html&adk=318159125&adf=2184669829&lmt=1710680847&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fdata.ringtun.info%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710680846410&bpp=505&bdt=419&idt=1011&shv=r20240313&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6992998214089&frm=20&pv=2&ga_vid=852531921.1710680847&ga_sid=1710680847&ga_hid=177750968&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95326317%2C95327950%2C95327955%2C31081902%2C95321963%2C95325784%2C95326916&oid=2&pvsid=3567336275323021&tmod=564490364&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1041
Frame ID: 21BD1B3E4AF8718027F30AC118746E57
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC13DA143025F8301201462F0F88BC58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EFA5D68504641CEE8181F55790B1F77
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 7BDFC8490E73D59E2DACCC8309953761
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: F4189ED45B11E468726942F10B03B597
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: 39DB5571AF468949C6C798D48A97C0A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: 1E25A88F20FB6FD5105EF3787CD1C751
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

data.ringtun.info

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

74
Requests

95 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

1024 kB
Transfer

2747 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://mythemeshop.com/themes/news/
Title: Get it Now

Search URL Search Domain Scan URL

URL: https://mythemeshop.com/
Title: MyThemeShop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=C5eznD-v2Za2wKJuXvPIPx6Gh0AXshf23drHpvvOIEdrZHhABIOSv_TRgyYaAgNyjxBCgAdqo2NUDyAEJqAMByAPLBKoEzQFP0PDOuiftjHn5XKlkcJuQh6ZF2BsvFhL1inZeHa8guFLYrP7F32c5PEEUJ_BhXtkX7gSUjIFyXNmfJNkUBLDpxbe7Yp6UmdSN-UBikM6hkbTnbegcUkv2sCnP4z7trEcRAIZtrqebxE87TC5h1NUCc7XyODnd4VvYQzAooWyMg4bMQ0HrigE63sTBVUAXqT_Lhxf3sxo8OBwogWd6IZPl-0IMwsWfA-0T1dnAnEaVvx2-9k07PzyKVhCLa0VM77WB6b2KCt7F8KByiFNIwAS704DzjgSIBczitqBEoAYugAeO16cqqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwUQ4PbIAdIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOliIsf7hrvuEA5oJqAJodHRwczovL3d3dy5hbWVyaWNhbmV4cHJlc3MuY29tL2VuLXVzL2J1c2luZXNzL2JsdWVwcmludC9idXNpbmVzcy1saW5lLW9mLWNyZWRpdC8_cmVmaWQ9YW1leF9wMl9zZW1fbmJfcDItbG9jLWdkbi1Jbk1hcmtldF9hZDMwX2luY3x7Z2NsaWR9JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV90ZXJtPV9kYXRhLnJpbmd0dW4uaW5mbyZ1dG1fY29udGVudD02MzY1OTEzNjQ3NTcmdXRtX2NhbXBhaWduPVAyLUxPQy1HRE4tSW5NYXJrZXRfQXVkaWVuY2VzJmdjbGlkPXtnY2xpZH0mZ2Nsc3JjPWF3LmRzJoAKAcgLAdoMEQoLEPCs__Ds_pCf_AESAgEDuBPkA9gTA4gUC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi03NDMyNTcwMzE2NjM5MTI5GACyGAkSAsJcGC4iAQDoGAE&sigh=93dsHN2zA7I&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqXI48upS26UUUaOp70LjjFOL4GsF374Uj409Cbalv0nqmxjiJit0oyCMc4KFXnrxRbpHVoLD9f4OtO2nSbRSZgL5QzekPaqSRuCgYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311948a7478520000000000000000%22,%224%22:%220xb33a7085cbd00c9e0000000000000000%22,%225%22:%220x42ebf3e9f483154e0000000000000000%22},%22debug_key%22:%224805640219091772134%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222566271274855259745%22}&andc=true

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=CjisUD-v2ZbCwKJuXvPIPx6Gh0AXshf23drHpvvOIEdrZHhABIOSv_TRgyYaAgNyjxBCgAdqo2NUDyAEJqAMByAPLBKoE0AFP0M1PKSFyRBfLZxHyua2oggzP8ljH4o3gF2DY11liEWjCJ4qSiUdUxr7ZyqC5959AEx2PTnk4JlER7Ftp6h-jRRdHOZokfDtyNzLyc0tQzT7wiLWJ8aWrZRpUO6nWcdoIcB4pKF1Iu64dZLSBCAGhLP-lYhCg_Q51g-2faVdXchwG-pv3--IRz1qEsRPkaAc0CWfAI8I5wzGd6L9EYc2BIrUML7RmXA_jKGSQkBI3xZGK3_ldg40LjMzfkcU_Vjf1icgo2xUAZUgTUIdVc0FbwAS704DzjgSIBczitqBEoAYugAeO16cqqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwUQxbPAAdIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOliIsf7hrvuEA5oJqAJodHRwczovL3d3dy5hbWVyaWNhbmV4cHJlc3MuY29tL2VuLXVzL2J1c2luZXNzL2JsdWVwcmludC9idXNpbmVzcy1saW5lLW9mLWNyZWRpdC8_cmVmaWQ9YW1leF9wMl9zZW1fbmJfcDItbG9jLWdkbi1Jbk1hcmtldF9hZDMwX2luY3x7Z2NsaWR9JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV90ZXJtPV9kYXRhLnJpbmd0dW4uaW5mbyZ1dG1fY29udGVudD02MzY1OTEzNjQ3NTcmdXRtX2NhbXBhaWduPVAyLUxPQy1HRE4tSW5NYXJrZXRfQXVkaWVuY2VzJmdjbGlkPXtnY2xpZH0mZ2Nsc3JjPWF3LmRzJoAKAcgLAdoMEQoLELCJ6e_Xu_uk5QESAgEDuBPkA9gTA4gUC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi03NDMyNTcwMzE2NjM5MTI5GACyGAkSAsJcGC4iAQDoGAE&sigh=dO1SFh7GXhE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqXI48upS26UUUaOp70LjjFOL4GsF374Uj409Cbalv0nqmxjiJit0oyCMc4KFXnrxRbpHVoLD9f4OtO2nSbRSZgL5QzekPaqSRuCgYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311948a7478520000000000000000%22,%224%22:%220xb33a7085cbd00c9e0000000000000000%22,%225%22:%220x42ebf3e9f483154e0000000000000000%22},%22debug_key%22:%223206080123015481916%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229888419238135909201%22}&andc=true

74 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
data.ringtun.info/ 30 KB
7 KB 868ms
566ms Document
text/html 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fcba8c87faa3c1ed145234d78b3a885ef554b4e920f683d58e76468b55ecac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 865d34b3fd2d749e-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 13:07:25 GMT
link: <http://data.ringtun.info/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MqwXELsNDHDwRbcLP0usnyxdXad0YGdCbm6w5Xa93FJkVp9uBJoyrsqM1ZC1NNf6lNb0%2BLD6gqlIrQV7in51RGUGyVJBpbqS0O2ws2K8tUrW03yqwFU0Mainma%2BEXZu7wT1M8Nebgo4mT3SjoEgqRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 287ms
138ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7432570316639129

Requested by

Host: data.ringtun.info
URL: https://data.ringtun.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01cc11dede1aaf24d774243a3a8ecd2c73b43e6b8bb49b0e81bf7e7b870e70ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
Origin: https://data.ringtun.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51019
x-xss-protection: 0
server: cafe
etag: 13991304867223141689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 17 Mar 2024 13:07:26 GMT

GET
H2 200 style.min.css
data.ringtun.info/wp-includes/css/dist/block-library/ 108 KB
15 KB 600ms
594ms Stylesheet
text/css 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 14:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ae43-65e5db4b-209552;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jePMw8KUS0U0lQH3N%2BFIVybjf%2FsD4zaBToZVOLjRs5YZMTrXs5kMlmDVNb%2BpbOhR7IIqa1YogUNcGbAh5DomfnS4mfgKfVjtUEQ9SoCOwv4O0JUkZZNwVsSBzVnhhA09o3igI%2BTsDwyE14ALAl3hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 865d34b7a9e2749e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 blocks.style.build.css
data.ringtun.info/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 173 B
552 B 593ms
589ms Stylesheet
text/css 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136cf7e0d9d35b112b1519e512a12767a73e2fe2d73875eedc65a74844332332

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2024 02:04:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ad-65ee669b-48d2f9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5X%2FwvugMsf%2BMMiZWbkJD4UvV2ENOCBUEavVQ2IF%2FhIUg%2FjF7%2FGsBGm28phX35g6fm1tD2hH9eYwAyPbQaaKVaRAZGd%2FslV80F5ngAKQoa8yKu4XCKYvZKw9Z8e0knGuCPyHz%2Fdgm8XxOe%2Fbao6HnZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 865d34b7a9e5749e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 style.css
data.ringtun.info/wp-content/themes/mts_news/ 58 KB
13 KB 558ms
554ms Stylesheet
text/css 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/themes/mts_news/style.css
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e47a609632060c1ff669dc514741cc0e97bb38660bc76aaa303d241413f9471d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e866-65e60076-2869fb;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZiLH7TPRlb7uEQVR%2FCkd1cWsV416KlvNGZOP%2F5zIedE6fLoJmk%2F4vt%2BSrhzNpUDodTw7YeK66LecjwIXIQYnYKTfO3qAK558VLBAsJgfTOBR8ApvBIuSZjT4PQaUGvYQwaxnVLl4DHuM5o28I89jGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 865d34b7a9e8749e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
944 B 229ms
83ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla%3A700%2C400%7Ckarla%3A400&subset=latin

Requested by

Host: data.ringtun.info
URL: https://data.ringtun.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3de7e6acf6003bb7b30f306e2aafb54d5f982f3de13aba4fe7842cbca36a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 11:50:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Mar 2024 13:07:26 GMT

GET
H2 200 font-awesome.min.css
data.ringtun.info/wp-content/themes/mts_news/css/ 30 KB
7 KB 575ms
572ms Stylesheet
text/css 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/themes/mts_news/css/font-awesome.min.css
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a786f354eff6e5c74290888da449fc605b0499d4358bf85cc08e21ac744e8ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:10:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"78d4-65e60073-2863b0;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lD8jHzKIZtHehUSV6JyavnK9BocxfmqnnKt96CIxwidKuC%2FUepHAFkSDvDJcaGzSk0CoOJ0qvoNNunySb0ssmVz1aHxnI%2BikBl6pZ9KL3HUUAfwCs8X29cnz1EcaUrCsaX1jiIvpIsXtQ%2Bx3eqm4VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 865d34b7a9eb749e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 news-responsive.css
data.ringtun.info/wp-content/themes/mts_news/css/ 18 KB
4 KB 585ms
582ms Stylesheet
text/css 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/themes/mts_news/css/news-responsive.css
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac86409719030cfd727f4150b3596e609f7aab7b1539ae05a49d150d1c42ec42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:10:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"466d-65e60073-2863b2;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4COOrLQK5XFz4YUYEzkeGIA8%2FpawqlzR4%2F3LJ8yGA9rcxYCvNsqQPjf47oJ9iBt6zlJueVlw2gmghOE1u0wae0A3tA2TO9H30s8VR8G3PY%2FbzoC0Pp87VNAiUQq3TznrA5G0TJ1AtRDPgSGVySkGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 865d34b7a9ee749e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 news-global.css
data.ringtun.info/wp-content/uploads/news-styles/ 17 KB
4 KB 586ms
584ms Stylesheet
text/css 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/uploads/news-styles/news-global.css?timestamp=1709574883&ver=1.0.10
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f31ca6e6b19cee07c15840fce412805fd6772532b43523180699866dde2522c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:54:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"44fa-65e60ae3-2862af;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUATIwHHSGZ1amnNOIVUDaQVNPPWb73smNA38kGiNYDqGwIIfr%2BedYHNWlEQWW8F8lmqa0ywH2fyeraxWEOaXpWMly6EoASa2eKJfMs%2F0Pm6kLYl9gEaGo7cdpQ9SwUrXzbdBhn1dvPUO3Pse3NM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 865d34b7a9f1749e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 jquery.min.js Show response
data.ringtun.info/wp-includes/js/jquery/ 86 KB
31 KB 865ms
863ms Script
text/javascript 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-includes/js/jquery/jquery.min.js
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 14:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65e5db4b-20976b;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VKSeL4GsWtwDEHgpYkStBKSJzuEZgKC9PXz571NZ6TGpePN3InC3rkS%2FM%2FCh6B%2FTj1GiHdUa%2FUNpJhdvczDIfqr3nV%2Bq6DV9ZNr0rXXLH8%2F2aOZwwrscYdOckgYwBVJAu%2BEvD07VM45nVu2Giv5Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 865d34b7a9f2749e-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
data.ringtun.info/wp-includes/js/jquery/ 13 KB
5 KB 568ms
566ms Script
text/javascript 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 14:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-65e5db4b-209765;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NPCKPXyGtsmC6nDt7fWI0UzJWn1cGNhghKiddioXO%2B5ti4vHcFBDdCuuRddv6qPg%2FXNlwJNxB66O8wTbD5hdcbJCB06rbiY0%2FK65ktyIX2sF1Tao%2BEbKvI5hpuEkEgfDz9o0yGipeEy803SJm0dGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 865d34b7a9f3749e-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 nothumb-news-featured.png
data.ringtun.info/wp-content/themes/mts_news/images/ 298 B
651 B 566ms
564ms Image
image/png 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ringtun.info/wp-content/themes/mts_news/images/nothumb-news-featured.png
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54079e319acc1f64718451b0b7f94c228a59d402178a3f29e9a44e2da40bee49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:10:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12a-65e60074-2863c9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2F12BoE0POSQShKwNBYA6lsEHe%2BRh%2FhPZU6lmx4e4GKrk3Es3coU%2Fktmze41uKKtQcnyZFecpzLZ4NaAD%2FSNivu38prrvMOx9cDAUKdfulur0DRzkT85mYESq6A9g%2BvFTRC2X9UwJlfLNv%2Ftih4hKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 865d34b7a9f4749e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 298
expires: Sun, 24 Mar 2024 13:07:26 GMT

GET
H2 200 news-customscripts.js Show response
data.ringtun.info/wp-content/themes/mts_news/js/ 9 KB
3 KB 587ms
586ms Script
text/javascript 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/themes/mts_news/js/news-customscripts.js
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9417db46129124b0513d79f2edb995ce3fcd7631994ad73946802096f81cd819

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"225b-65e60076-2869bc;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wChOXI4%2BKYy47nXgTKDGag5kksSHBbeQsxwvWq3SHPLIsI68xfiPZ9Jim3E%2FKfCsVdw4P%2FFJv15Z2D3ScP6iiGUu3gawLF7Z6Bm%2BJSqMRMUxAoSKqKtd10HrCKnpjUjd49tq06MEXs7uFx%2BBwNVJjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 865d34b7a9f6749e-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads.js Show response
data.ringtun.info/wp-content/plugins/quick-adsense-reloaded/assets/js/ 1 KB
934 B 590ms
589ms Script
text/javascript 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7edafd6b59e14cb45567b88f1a7106bfa23b42b69d53203364e4b7d5804a01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2024 02:04:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"58f-65ee669b-48d29d;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4HO3mnYFndKc4M3DkvaZjk%2FXo3vMspPlalUu3hGH%2B%2FV9ySyRhTvGbuBTBrTL%2FRW5KVU9XL1WrILwgwxXGnEbJH%2BpQ0uaJAs8Y2j8jLlS559ntuq0S%2BG%2BaKYBnoLn7LILclWo9tjX0U09wZCBo7jlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 865d34bb3a737429-MIA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 82631621-4bb8-4036-a7ec-8733cadbda57
https://data.ringtun.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://data.ringtun.info/82631621-4bb8-4036-a7ec-8733cadbda57
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/ 407 KB
138 KB 295ms
152ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7432570316639129

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c442702f5d70e4fe67a055e3a65e71bf283c4261916ce3052fe70c0d7dd5514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141388
x-xss-protection: 0
server: cafe
etag: 12853716741918590493
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 13:07:27 GMT

GET
H2 200 qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v31/ 24 KB
24 KB 198ms
62ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A700%2C400%7Ckarla%3A400&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://data.ringtun.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:52:49 GMT
x-content-type-options: nosniff
age: 317678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24364
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:41:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 20:52:49 GMT

GET
H3 200 fontawesome-webfont.woff2
data.ringtun.info/wp-content/themes/mts_news/fonts/ 75 KB
76 KB 1307ms
1306ms Font
font/woff2 2606:4700:3037::6815:35de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ringtun.info/wp-content/themes/mts_news/fonts/fontawesome-webfont.woff2
Requested by: Host: data.ringtun.info
URL: https://data.ringtun.info/wp-content/themes/mts_news/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:35de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://data.ringtun.info/wp-content/themes/mts_news/css/font-awesome.min.css
Origin: https://data.ringtun.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:28 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 17:10:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d68-65e60074-2863be;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzeCEO3VqK3YAhMi%2BwPdxHdqyx98lTBpzfSiZvIvHASFHcyqR4ntRcekGq6pAC9mmLw4TbuNYOBuR7rVejxO4CDjuHelirdMgilnlMcPML3JKQhF9Baw6t%2FVNeYOVNrwJRdtIz6x0N8CF6OY0psS4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 865d34bd4d1e7429-MIA
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Sun, 24 Mar 2024 13:07:27 GMT

GET wp-emoji-release.min.js
data.ringtun.info/wp-includes/js/ 0
0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21BD 335 KB
66 KB 1420ms
1280ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7432570316639129&output=html&adk=318159125&adf=2184669829&lmt=1710680847&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fdata.ringtun.info%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710680846410&bpp=505&bdt=419&idt=1011&shv=r20240313&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6992998214089&frm=20&pv=2&ga_vid=852531921.1710680847&ga_sid=1710680847&ga_hid=177750968&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95326317%2C95327950%2C95327955%2C31081902%2C95321963%2C95325784%2C95326916&oid=2&pvsid=3567336275323021&tmod=564490364&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1041

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c298d0ac8cc581298942006fdc5f8742c2b2d8bfdbfa50471ad76775ee41fe26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 13:07:28 GMT
expires: Sun, 17 Mar 2024 13:07:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 156ms
154ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96dcadf2a0c8f1db5d5160e2267047df574677499275cffeead1b7bfeb1188a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/ 166 KB
56 KB 157ms
153ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/reactive_library_fy2021.js?bust=31081902

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f2c416cb3705535862b292585eaaa4f02277c5e8d72fd58fb01c24db097f8ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57441
x-xss-protection: 0
server: cafe
etag: 10191598498285254840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 13:07:29 GMT

GET
H2 200 ca-pub-7432570316639129 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 410ms
94ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7432570316639129?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6829491997fce7c0e10e7a1e3296be274936da589264920352b1d6754efba106

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-avOyJGIb7U8nrl-MjqAwmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-avOyJGIb7U8nrl-MjqAwmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44D45ILzrBeBWIiHY-K12-vZBF6c2HaUEQB4WTJS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 138ms
122ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42532561&hl=en&pvc=3567336275323021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 13:07:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 289ms
110ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:07:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC13 13 KB
5 KB 66ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 235832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 19:36:57 GMT
expires: Fri, 14 Mar 2025 19:36:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7EFA 829 B
1 KB 232ms
86ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29452de2752939dde4cf9057fafe7eed85dd9b50a50c4a4862a0f1eb8342c82c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DH-g-USWtccsgtuUzWJEdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://data.ringtun.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DH-g-USWtccsgtuUzWJEdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 13:07:29 GMT
expires: Sun, 17 Mar 2024 13:07:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 7BDF 9 KB
4 KB 66ms
62ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 62087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 19:52:42 GMT
etag: 5035419970550746386
expires: Sat, 30 Mar 2024 19:52:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame F418 9 KB
4 KB 68ms
66ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js?bust=31081902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 62087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 19:52:42 GMT
etag: 5035419970550746386
expires: Sat, 30 Mar 2024 19:52:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXxhYPwG0PJQn4BDorlGV2xUyG0QnbgvFHg4xkbLvCk8l-hjo32-4jvm-RTirl3PI-JEYUYXZFcot4uZdc_obdeYfPAXHKC97I0Ow7ga_zkFjTaecnaMe2NgttGVDh_fQqvYcyisQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 107ms
102ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxhYPwG0PJQn4BDorlGV2xUyG0QnbgvFHg4xkbLvCk8l-hjo32-4jvm-RTirl3PI-JEYUYXZFcot4uZdc_obdeYfPAXHKC97I0Ow7ga_zkFjTaecnaMe2NgttGVDh_fQqvYcyisQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjgwODQ5LDYxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kYXRhLnJpbmd0dW4uaW5mby8iLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d1c532bbd48ec3ee454464c3aa9f04a59867ccfe52e7382c679292ad3f9293

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-e1ddfOTanKVuDa0oWckRxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-e1ddfOTanKVuDa0oWckRxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdj4rXb69kEDiy9eJgJAFTfLR4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BDF 6 KB
824 B 91ms
80ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Mar 2024 13:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 12:40:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Mar 2024 13:07:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 7BDF 2 KB
822 B 64ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 15:15:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 7BDF 23 KB
9 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 20:52:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 7BDF 3 KB
1 KB 105ms
102ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 15:15:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 7BDF 20 KB
8 KB 68ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 15:15:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7BDF 208 KB
63 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:01:32 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 7BDF 36 KB
15 KB 211ms
63ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 20:47:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F418 6 KB
801 B 84ms
83ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Mar 2024 13:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 11:39:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Mar 2024 13:07:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame F418 2 KB
822 B 91ms
89ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 15:15:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame F418 23 KB
9 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 20:52:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame F418 3 KB
1 KB 93ms
92ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 15:15:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame F418 20 KB
8 KB 85ms
85ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 15:15:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F418 208 KB
63 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:01:32 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame F418 36 KB
15 KB 218ms
95ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 20:47:16 GMT

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame CC13 40 KB
15 KB 97ms
94ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:41:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 318356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 20:41:33 GMT

GET
H3 200 AGSKWxVUe2Lyi8ogRfb8mW42dMvbZIfTmQEzzNXs3Jnya18DWgjDYujsL4HrJzObaUYTI7pKWyPkm_Je_HGyl2uJ8t5TSjjWfHz_BiiXqtPOlJkJX1iZmF1EXYaB1UnpigpOuoKrlz05qA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 97ms
96ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVUe2Lyi8ogRfb8mW42dMvbZIfTmQEzzNXs3Jnya18DWgjDYujsL4HrJzObaUYTI7pKWyPkm_Je_HGyl2uJ8t5TSjjWfHz_BiiXqtPOlJkJX1iZmF1EXYaB1UnpigpOuoKrlz05qA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjgwODQ5LDgyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZGF0YS5yaW5ndHVuLmluZm8vIixudWxsLFtbOCwiSUlVdERTUVJRa00iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91d79679982d87d17a71297eae92f5c10a30e26f9afa938dcacf4254d3ab3b0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VPm6UeW9d2KFjsgXOIH1pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-VPm6UeW9d2KFjsgXOIH1pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44D45ILzrBeBWIiHY-K12-vZBGa8vbSIGQB-_zIz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7EFA 0
0 123ms
122ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=3567336275323021&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14932244057858655379/ Frame 7BDF 22 KB
22 KB 65ms
64ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14932244057858655379/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5754bc12f2200bb09c32a5c1f0c596ba54feab4d6b107379f2c1067c2801f437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 21:06:32 GMT
date: Wed, 13 Mar 2024 21:06:32 GMT
x-content-type-options: nosniff
age: 316858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22314
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 08:00:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 7BDF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c5a790321dc2837f8f1665d030f26d5d101d5c34ceeabab0c9c0e69edf131f5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7BDF 15 KB
16 KB 67ms
64ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 360900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:52:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7BDF 15 KB
15 KB 90ms
89ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 06:58:54 GMT
x-content-type-options: nosniff
age: 281316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 06:58:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7BDF 15 KB
15 KB 90ms
90ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 360658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:56:32 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14932244057858655379/ Frame F418 22 KB
22 KB 64ms
63ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14932244057858655379/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5754bc12f2200bb09c32a5c1f0c596ba54feab4d6b107379f2c1067c2801f437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 21:06:32 GMT
date: Wed, 13 Mar 2024 21:06:32 GMT
x-content-type-options: nosniff
age: 316858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22314
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 08:00:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F418 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49b482abb844002986639d74cbfa0ea2c903b25ce2178fe5ca35c9df40e133e1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F418 15 KB
16 KB 71ms
69ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 360900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:52:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F418 15 KB
15 KB 104ms
103ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 06:58:54 GMT
x-content-type-options: nosniff
age: 281316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 06:58:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F418 15 KB
15 KB 115ms
115ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 360658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:56:32 GMT

GET
H3 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 39DB 51 KB
20 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Host: data.ringtun.info
URL: https://data.ringtun.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 20:57:14 GMT

GET
H3 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E25 51 KB
20 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Host: data.ringtun.info
URL: https://data.ringtun.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 20:57:14 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7BDF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5eznD-v2Za2wKJuXvPIPx6Gh0AXshf23drHpvvOIEdrZHhABIOSv_TRgyYaAgNyjxBCgAdqo2NUDyAEJqAMByAPLBKoEzQFP0PDOuiftjHn5XKlkcJuQh6ZF2BsvFhL1inZeHa8guFLYrP7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311...

0
0

277ms
124ms

Fetch
text/css

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311948a7478520000000000000000%22,%224%22:%220xb33a7085cbd00c9e0000000000000000%22,%225%22:%220x42ebf3e9f483154e0000000000000000%22},%22debug_key%22:%224805640219091772134%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222566271274855259745%22}&andc=true

Protocol

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa0980e93205e6c800000000000000000","2":"0xacf9a4dcc5381ea00000000000000000","3":"0x540311948a7478520000000000000000","4":"0xb33a7085cbd00c9e0000000000000000","5":"0x42ebf3e9f483154e0000000000000000"},"debug_key":"4805640219091772134","debug_reporting":true,"destination":"https://americanexpress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985011290"],"22":["true"],"4":["03-17"],"6":["true"]},"priority":"500","source_event_id":"2566271274855259745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Mar 2024 13:07:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 17 Mar 2024 13:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa0980e93205e6c800000000000000000","2":"0xacf9a4dcc5381ea00000000000000000","3":"0x540311948a7478520000000000000000","4":"0xb33a7085cbd00c9e0000000000000000","5":"0x42ebf3e9f483154e0000000000000000"},"debug_key":"4805640219091772134","debug_reporting":true,"destination":"https://americanexpress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985011290"],"22":["true"],"4":["03-17"],"6":["true"]},"priority":"500","source_event_id":"2566271274855259745"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F418
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CjisUD-v2ZbCwKJuXvPIPx6Gh0AXshf23drHpvvOIEdrZHhABIOSv_TRgyYaAgNyjxBCgAdqo2NUDyAEJqAMByAPLBKoE0AFP0M1PKSFyRBfLZxHyua2oggzP8ljH4o3gF2DY11liEWjCJ4q...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311...

0
0

275ms
121ms

Fetch
text/css

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311948a7478520000000000000000%22,%224%22:%220xb33a7085cbd00c9e0000000000000000%22,%225%22:%220x42ebf3e9f483154e0000000000000000%22},%22debug_key%22:%223206080123015481916%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229888419238135909201%22}&andc=true

Protocol

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa0980e93205e6c800000000000000000","2":"0xacf9a4dcc5381ea00000000000000000","3":"0x540311948a7478520000000000000000","4":"0xb33a7085cbd00c9e0000000000000000","5":"0x42ebf3e9f483154e0000000000000000"},"debug_key":"3206080123015481916","debug_reporting":true,"destination":"https://americanexpress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985011290"],"22":["true"],"4":["03-17"],"6":["true"]},"priority":"500","source_event_id":"9888419238135909201"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Mar 2024 13:07:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 17 Mar 2024 13:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa0980e93205e6c800000000000000000","2":"0xacf9a4dcc5381ea00000000000000000","3":"0x540311948a7478520000000000000000","4":"0xb33a7085cbd00c9e0000000000000000","5":"0x42ebf3e9f483154e0000000000000000"},"debug_key":"3206080123015481916","debug_reporting":true,"destination":"https://americanexpress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985011290"],"22":["true"],"4":["03-17"],"6":["true"]},"priority":"500","source_event_id":"9888419238135909201"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 277ms
121ms Preflight
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 13:07:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 276ms
120ms Preflight
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0980e93205e6c800000000000000000%22,%222%22:%220xacf9a4dcc5381ea00000000000000000%22,%223%22:%220x540311948a7478520000000000000000%22,%224%22:%220xb33a7085cbd00c9e0000000000000000%22,%225%22:%220x42ebf3e9f483154e0000000000000000%22},%22debug_key%22:%223206080123015481916%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229888419238135909201%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 13:07:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC13 0
10 B 69ms
68ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XvmXXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 triadshow. Show response
fundingchoicesmessages.google.com/f/AGSKWxUObeTX126lhlUXNiILBOdsqGCFFVI1pVSEwEJEqBYnEz5-hOdLCMpvCgBQ7JiIFmvI0jQQtZReCNBzLycRUO03OzcFfIYkK03ulYC0wgYQBh5YR_8BLXIPdba8xkQlioHeM1DC5sRM4gkm9u3gbhA4NUN5Q... 54 B
110 B 92ms
88ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUObeTX126lhlUXNiILBOdsqGCFFVI1pVSEwEJEqBYnEz5-hOdLCMpvCgBQ7JiIFmvI0jQQtZReCNBzLycRUO03OzcFfIYkK03ulYC0wgYQBh5YR_8BLXIPdba8xkQlioHeM1DC5sRM4gkm9u3gbhA4NUN5Qeg2TkFUAQTe4ItXnSnv9IM16-XJMhNR/__rightad..cz/bannery/_adframe//ads/3002./triadshow.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fee993fdc09b99014dad43fb08d0e1d1e0294bf37a7ea9ca32dae4a7cdded24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-USRVhOa3x47DhKm4XUkV4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-USRVhOa3x47DhKm4XUkV4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdj0rXb69kEHvQ1bmcGAFADLMM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 68ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73695484289ebf62f8ebf454f6c93207229586c0bdeb6723b06a724011b4019f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 12:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31027
x-xss-protection: 0
server: cafe
etag: 4920355141596313764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 13:56:26 GMT

POST
H3 204 AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 218ms
87ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QrL4Y9CEKtrHiu8T3sH3Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-QrL4Y9CEKtrHiu8T3sH3Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1iDgFiIm2Pytdvr2QQ2fN4mDgC7kAwP"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://data.ringtun.info
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 143ms
93ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sp0Vwu2hNwdWpvBem-NZJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sp0Vwu2hNwdWpvBem-NZJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw1ZBiWMS_i6mW4RlTKxA7pc9gDQJiIW6Oyddur2cT-HD9ogQA7jwNvQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://data.ringtun.info
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 124ms
96ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QIa6APmKF86DXgri_kIpuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-QIa6APmKF86DXgri_kIpuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1iDgFiIm2Pytdvr2QQevL4uCQC83wxd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://data.ringtun.info
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 113ms
90ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rIcomHva91HahkYB-DdPLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-rIcomHva91HahkYB-DdPLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIm2Pytdvr2QQa_u4QBwC44gvb"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://data.ringtun.info
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVdTQGdwFcK3YB4liDW5osP2_bjTwoUD7cllF6hHCF7mTsqBVfxBGLyEZ1-iWGyJVMKa9r6rlHHmmK2OkNihZ1EwCdczmU0qxJ2bH1T6g5KUfPWZTCA8GWHtE5UuuMoauXRWVdEBQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
95ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVdTQGdwFcK3YB4liDW5osP2_bjTwoUD7cllF6hHCF7mTsqBVfxBGLyEZ1-iWGyJVMKa9r6rlHHmmK2OkNihZ1EwCdczmU0qxJ2bH1T6g5KUfPWZTCA8GWHtE5UuuMoauXRWVdEBQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjgwODUwLDk4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kYXRhLnJpbmd0dW4uaW5mby8iLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b62e3f6282622d0103acae3c206581dffe764097238a918edbbc7fa845f15cdf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8SGa3rmwLk-nHUEzmnKlKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8SGa3rmwLk-nHUEzmnKlKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtj8rXb69kEdvTPEgEAIccsDg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 130ms
126ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=3567336275323021&bg=!PT6lPnHNAAY_ejuoH3o7ADQBe5WfOEdKYe3YVWwMFTPjpbrLUTY560F5aeDzMWLcQkvBfcbJ-_ooMzkE55Obr3K3xJX6AgAAAg5SAAAABGgBBwoAoAmjNj57lKUWdot72DwFzUqzh1Knzwca_GBCDgKTMtE-NHZAz3DIhbEuWTPbtL0pwpsITcUv0hj02jVQZHr4scVDsTPqx2gkz5gqBO_xmS4mbtE69SJc3tylFpbL5XjnFm8INxA5BiJ8zsiys5d-u03GvxIEprjpiHLQeV33S2P7SzVJ_lbRAJZZz8bo3uPk2jDLrPkKMs6LQYkshZ5PPqaZAs9xaS7-NUdZxuqU_tRjMaAhqFChG5p4JLqhrlMct57HzzRAAcjyEsip9YyhJZZN2vRVa-xzJb4_-yahb_MESruBTcD9F9ZG-Wb8xNv3ThI95P8bXBaJR8XMB57olAUC8M0p0kh-Bh9J00dmKrNAKeDuwu4rph32z2p4mWll3biXyXF5aV6uttz9tI3ZrPe56inXriRpocjzT3MJa_XCZY2rphs4cGT2MA7gOAy-aYnumvYi_KhGZd7SqZ5bZro55GcWNKXMMGjr0fA_YEj6amdiFvVZPK8ShyOoj6kveNl2n4MglCuIZ9GpaAHujILH_MvQ0MPc7MP1pkStbR8Dtd0CUSZ-aCKFzKC_YFUM9q_hCtiOualqNQJq8mb9kZzaRGKvG8Pu_pPRjDTprl5_bnBPDBLGSFjw67IdmZUfzCTwzD2WnCV8Nw08_MXHA4JaGpV1JdNuu_qoyfJIwxPPFa16N4hL6zvrEYs4UrFbvmnzGvAgpXxEbMYz_u0dH9JtEUniaA88oW4ZMRMqa6w6Fr0PYn3zS4-oPzIIuGF1MTAmPv6AWsqlTGjw1uZ7XjEMAPl1q-MEjVcQvLc_JVbq02DjRSVYOyp5Rxac1o1i6BQ7Hye0__VpGPQIVKeeRkyw-IVn9VKuQ712CgxjaxqCh7qx0Xu2N-WUEm0Wnf6hUUmDfyqZJLwsI59Q-NoD4yaiuTU-cGRj14-Ju_TwC53_EMuMQwLeI9Dk1-7UWC0bV23gmSqRK2yslKYR6mTdu7FRGfQbCGGJMghTnmrKPIBAYz-0Cl0uQVkZl4UgY11mqIt98vElc93B7Zt1BJBZNyM09S1Z-Cx65aprGxw4frVRtkx9MzPMyncjX-xwHWrLJXZj-XkhpSrwdajJmv5BEOcP-y45jBrjot2MqRSAjCAmjQuoIweB3S6anQQwcz1f72ODO-3p6GNB6aSEXhrLVasOvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data.ringtun.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

POST
H3 204 AGSKWxVK-kPcCAtYHh8zZNZMPX2TqXgyiDn9bNVWzC0ClhdLRcn40TjE0_uehTc3hSpSD_Om_HrA19LxkYKMwIkw_grTImvg-kqRG7KGgN-4FjDjhlASAFR7RAosd0a1yG4lH_zR3btL3g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
87ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVK-kPcCAtYHh8zZNZMPX2TqXgyiDn9bNVWzC0ClhdLRcn40TjE0_uehTc3hSpSD_Om_HrA19LxkYKMwIkw_grTImvg-kqRG7KGgN-4FjDjhlASAFR7RAosd0a1yG4lH_zR3btL3g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MYg_L-VbXV6r2dRnjg93Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MYg_L-VbXV6r2dRnjg93Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1iDgFiIm2Pytdvr2QQa7jZ4AgC6MwvE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://data.ringtun.info
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
88ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTIiyottmIc6285VZcJBkQunfiTAvOQWo6i6ZGR-9KWvyTpGRRxiSDQDOl_PAVLh2ipfnjQQm48Sq0emOiJSlYsRKNXgrg1CINRd3Wx0xf72uu2hl4tY_TkI0IadRaxKaBB6etWw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nB5Kd5ATSr3e7Wy8ZUehvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://data.ringtun.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Mar 2024 13:07:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nB5Kd5ATSr3e7Wy8ZUehvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1iDgFiIm2Pytdvr2QRevF_mCQC7jwxe"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://data.ringtun.info
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F418 42 B
64 B 130ms
129ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuf6ZmmoBVUE7y_uaV0aifat4xbr2Yqf0XEln3F-zBfiTc2L8xypHoURNqwmY9mDd0NfgcX5d5_yOYFgpiCSTJa-sa9ooJVDoxNrOZBWJbpm_AXk3rAzLpC1l0vMjSF7sVmYHK2cArEcuaKrg2x6VJd4qXcQKMN4TvT7tkPze3RkKpZwvRqPmtPz0Ww8-Z4CH3aW_W-JCdZ66URUE815fZRyhlTMi5XdLzt0oOi-vcvsVLbp8L4UvZUlq-NUecFHIfjobzvsVL3yiy-U8z6UEqVgg-mgx13W5ZuRnOEfe4G-Ula7Fad-8Xh5HKT6WKjanJHyDy8RTqEcnYKDynhnPNyu-hAqwESkS-xaQwqUcTGfENbmrlYJyfNnSa88RK9bm4k1KqxyrzTQPSEgjeLNjUnLG8kSmpcb2qKKOepkwgT-zglYWiKd4qmkyzZjSqgH0ugg38saMGGmUl8K9p8-w-s9RYD6x7prUCxnupadPgLdQFoiDSEN62qYeUmeh5APpKwN4Sedu0bGAfFiSDdQ2WwXtVyHGeFHb5gb4l85SWmFUH_KCT9bOH3OTp0_CUP44KK1jKCCq-eLCY9pI7nwqmJCuMUlCQg1s990V7XLx_4YNFGyDG4tzG23yH-u2ftmhpfV3vIUVqQpqYySEKexMz68BonktjjrDOqeqE-Y5IoeCRvRZ-HyoNMe8HJb7f2kU-NtojIQFB0KS80QnNxGooZnwYT8BpQ7f-IzVtcSrHjRgofR-0OJAXoUi3qgS9atb5pPJjWhqdcWGyX9NwRueoC6XEzdYPBjQqsQhQm2heq3eGqL7QYuEub9e8Rph2h_kcu1gSHUuf2rGAzhfQ6NkY4zbkId87ooHbWahGP1i_0sZkHuZAGV4GTFbH7W7TfH7zEcyWVhPkd_AmkMqDpcj9Q44Ju5luYKkdO_V0IdgW3fihYNdjGJ_hn3vMnDvmaptaJkYm2r3LKpwWwhSWzFiUCsWhW7yVvyfLde3FMs4mskPC7opuRYZWWuQcOdUNaX85eX-gOjJrMZ-Mq2jzsBq4-dc0U7NE3dANO1XSYPlgIv2cX9QvTIhKSG4k-orX87Mmbk-kGLWQpEHcWgVL33kun5HTChf3qE7Zg16BTXzQ9MCYi5HKRA8mXFbYk6P85jM56wkCxjo7Vo93tMZdXqsYFkIudvqVTh2bJ0u4n6YGrF-r7Q2AXdhGKC-2tHY854wEYMFjzPYSii5kr_dKYinXu28EbdoaUm-bsl92wxxx_pbX7f5t39xMoyuMfQhBdmGlIxbnio2ymzBC-y22P85K-x78W50dY3qTITc8j2O0pT8Dhquz_KUpWNef64SytAs-kdZk_X2OVvs8mrTQEWH87CouVbpgUA__e7Z6noRARPiQ6igO8hFFD27vkjC6ugvS1wVLBdqB_WtAegZn-rfXxTPxcQWS4teXIH3s-7x1puRgksHWUoM7AlQiNZ4Ghmb_I5rGmAlXRhnpbYmWGJc3EEPrnM4iPAJYP1aHmoNT5pWHIj0_hWPaKaYdp7E5NLSR_UZ5vZJwcsIYFkfsrg2kvh7BznxbS9oCAv35d-AL0Vefehf4aFHbK9PP2HlImYRSbWYeh3vpegbT6EChMOx2EabKRCtQqVeo25tyRoP2MZ8fdRvPe4JFubK0Pgd4&sai=AMfl-YQPVDztcxwvIxqvWiirr72WxXj7tl9mgY8R3JO5SoMwVCzu1v8lqNPfwZeh6-u6PzobmpvA-KuXUi8XsyOQbT5AtlpcxLPT4-zeOvZXTB35ffdryMJyEO3SFGAzU1XdvITkQSFtKvEy-n6_C28RqyjCCb3sA9_ZW8i8r9Y&sig=Cg0ArKJSzPcMG-70w76bEAE&cid=CAQSTwB7FLtqXI48upS26UUUaOp70LjjFOL4GsF374Uj409Cbalv0nqmxjiJit0oyCMc4KFXnrxRbpHVoLD9f4OtO2nSbRSZgL5QzekPaqSRuCgYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=318159124&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=661364900&rst=1710680849606&rpt=574&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 13:07:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BDF 42 B
64 B 128ms
127ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVtrmZnP0L1CD6MP1WWp3rlCcIyC-ZWY4MxyFkHrOcXvnsZ9tsvTnlUOYfj4aWYGhx4pThvOcD8LAebXe0hGFcweucTMeiHap2M-4QZNLSh-aE_5lcQ3lFsMjhnvOjcU0MoA9ydIy8g3WQBJZm9-D65u0AtM_Dz5gUDVTE27KlR71pq77RHjL2r5U9QMM9a-7H_x0S4nMOmyT6KZYBGT4RFRGxTAjBv3OlBvC0b2Aea2k5dCEJdwrXUWQ4u4E0uD_1QZkIg_qwB7sM3omG0LBpSHGlpYNgvNzkudfmoKnBCE2mqTHxc8Jw6viYXez-zOBVfJHz_Pbj6sex-PLzfgJf1qM77lXEo3lkNzd25_YaRMLEz24FGpL3xaGOYEpijeJzjHmpQZdjycT9hb57ymLXVtw1euVwFYhXBeV0GyDg42_k_CUkI3M40ZNhfZfQRkyRz2jmhN73fmS_VaA1GAwV4PCKu5TBEev0nr0S5uQMjZi8gv_yDEaCZl0yWtTFCGlnTebJTk5Of2HlUZKKxg2w7oGSwgMgD9EU3nNBWj6mbbKE8VWzkIS01PoGS8HFq6yaqIRi6yBnM7hng91d4Sa9sZAkuA4C2Y7iFnCfg0o65mPHTXKfvbOhTjWiye8lHuoIf8jYrEV-YlOUlptpXEH4Evmqkp9I_LgPg4ID9USIhpRXm18ySJz2SSlVdAe1EarY53iHohZZX0PQmmCL7z6LCPVV1-xdzkQS-thg9NwseZ104zRbl9h9gAbW1AHWwUj6r3eTMeVegoVsbDDeqqOfxFvdpWzCy1kHAlY3IF6ILYXOAIf1en5voJCTYoDzi84zELO3kLU05h968FFJ8-zTMCvckzbXfFUfLBDgGn-2UhMreKmtsSPj_hfP7Yrh6sAmWlhjbh5vVukrFBLPDOQo5WIGIAU57_IorFgaURDR6-9rQ8TJ5eiKMYhErZ2kullIBYoeJX0iGe6b07oRDQqGs0Pqm9j9ftU7_DkRs4eviDGZ4eGv8J8D5DLiNqcK4UWJedNgl7CF83_0cDml5vnYVwQ-j8QVExionxI_GGp7iVaCqlqh1CVo1RT7eNq6xxO8amd8L-ufZt_6al81qyM3fkOylNM8Rsqu8GyfyV1EgIICzU8mHZxMGt-l6mn-0ln87_HZ1Rl46VLBZUSONfYQG90m9cn8Uj_FkvDnKSZLEZTo_-w789WLwQY65Iwk4VBE2UDMQ1702dznnTmhc33Fpa5d42X4KBq-kF4PI5TFmKpjOh0sAmTdIPQ0aBTjla0AS0lo_vTH6ltOeaL3xCIMKM-bpu0xnwy0kKOleRnSroPNOAGfc4FFdVJy6o5IJKfHKtX3Cjij5hIYZ6bq5012m7qynw5pOafFdXOjYSGBdg2v0a5gaSkrYWLTGLFZ_meXLXAm5IebpBvRacVMXzMBLyUiULCJ5FIZduxOxEl0s_xLNRtHVnoh2-3KPITmMZEtWnn1yQPql2Ni-GTSoIT64pxvmtNKwzrQPh3l9_NGaAvZL8ce2AbRhFO-zfnnVKbvjtUnFEhr0QQvpoaR5SXxZNQ6T7UGQWwMuwmUCq48sDqdyocHIymHllDrcoagRgYKv1GCKQANytuVYsmU13TT09KoRPnJb3sxQNpQSHFnKgfUkYQm1Qk20A&sai=AMfl-YTq9nRddpUQzq5wGykYosiOOnpKI68uM3AFJYF9Lbu9eAlL0O8jZL23DN8ONLuSLUL9N-rHTP3NBu5KnjuoAjMnZGz98ejKEx_st86KrSNgyNcFwia6QYLv2vFJxiynhH3MCtsdl1yk9ygVk5j9nDmjggrMUoAdRcbN1Xk&sig=Cg0ArKJSzApSqPiIg6rGEAE&cid=CAQSTwB7FLtqXI48upS26UUUaOp70LjjFOL4GsF374Uj409Cbalv0nqmxjiJit0oyCMc4KFXnrxRbpHVoLD9f4OtO2nSbRSZgL5QzekPaqSRuCgYAQ&id=lidar2&mcvt=1005&p=0,0,600,200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=318159123&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=661364900&rst=1710680849600&rpt=542&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 13:07:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: data.ringtun.info
URL: http://data.ringtun.info/wp-includes/js/wp-emoji-release.min.js

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
data.ringtun.info/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.ringtun.info/	1970-01-21 04:32:56	Name: __gads Value: ID=d3afb775185bd1f8:T=1710680847:RT=1710680847:S=ALNI_MbsgapqlbWiheg0zjf6lh2j3H4_yw
.ringtun.info/	1970-01-21 04:32:56	Name: __gpi Value: UID=00000dd3317d1ae4:T=1710680847:RT=1710680847:S=ALNI_MYDYI8hTvud6gPQgmvMqR1FP0hPpQ
.ringtun.info/	1970-01-20 23:30:32	Name: __eoi Value: ID=835a0a5da74f7a85:T=1710680847:RT=1710680847:S=AA-Afjbwf1TPIGs8TtN0YG93ldxE
.doubleclick.net/	1970-01-21 04:47:20	Name: IDE Value: AHWqTUnOo_xFHNQt6jNMyL3GqNeR4HPv2dlxNaMinaWXNpR5K6MiMun1m9SWE7nQvMc

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://data.ringtun.info/(Line 21) Message: Mixed Content: The page at 'https://data.ringtun.info/' was loaded over HTTPS, but requested an insecure script 'http://data.ringtun.info/wp-includes/js/wp-emoji-release.min.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data.ringtun.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data.ringtun.info
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
data.ringtun.info
142.250.72.98
2606:4700:3037::6815:35de
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::2004
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01cc11dede1aaf24d774243a3a8ecd2c73b43e6b8bb49b0e81bf7e7b870e70ba
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
136cf7e0d9d35b112b1519e512a12767a73e2fe2d73875eedc65a74844332332
1c442702f5d70e4fe67a055e3a65e71bf283c4261916ce3052fe70c0d7dd5514
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
29452de2752939dde4cf9057fafe7eed85dd9b50a50c4a4862a0f1eb8342c82c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5a790321dc2837f8f1665d030f26d5d101d5c34ceeabab0c9c0e69edf131f5
2f2c416cb3705535862b292585eaaa4f02277c5e8d72fd58fb01c24db097f8ae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48fcba8c87faa3c1ed145234d78b3a885ef554b4e920f683d58e76468b55ecac
49b482abb844002986639d74cbfa0ea2c903b25ce2178fe5ca35c9df40e133e1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54079e319acc1f64718451b0b7f94c228a59d402178a3f29e9a44e2da40bee49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5754bc12f2200bb09c32a5c1f0c596ba54feab4d6b107379f2c1067c2801f437
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6829491997fce7c0e10e7a1e3296be274936da589264920352b1d6754efba106
6a786f354eff6e5c74290888da449fc605b0499d4358bf85cc08e21ac744e8ec
73695484289ebf62f8ebf454f6c93207229586c0bdeb6723b06a724011b4019f
7fee993fdc09b99014dad43fb08d0e1d1e0294bf37a7ea9ca32dae4a7cdded24
91d79679982d87d17a71297eae92f5c10a30e26f9afa938dcacf4254d3ab3b0a
9417db46129124b0513d79f2edb995ce3fcd7631994ad73946802096f81cd819
96dcadf2a0c8f1db5d5160e2267047df574677499275cffeead1b7bfeb1188a2
ac86409719030cfd727f4150b3596e609f7aab7b1539ae05a49d150d1c42ec42
b3de7e6acf6003bb7b30f306e2aafb54d5f982f3de13aba4fe7842cbca36a957
b62e3f6282622d0103acae3c206581dffe764097238a918edbbc7fa845f15cdf
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c298d0ac8cc581298942006fdc5f8742c2b2d8bfdbfa50471ad76775ee41fe26
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd7edafd6b59e14cb45567b88f1a7106bfa23b42b69d53203364e4b7d5804a01
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a609632060c1ff669dc514741cc0e97bb38660bc76aaa303d241413f9471d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
f31ca6e6b19cee07c15840fce412805fd6772532b43523180699866dde2522c7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8d1c532bbd48ec3ee454464c3aa9f04a59867ccfe52e7382c679292ad3f9293

data.ringtun.info Open in urlscan Pro 2606:4700:3037::6815:35de Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

95 %HTTPS

90 %IPv6

7 Domains

10 Subdomains

11 IPs

1 Countries

1024 kBTransfer

2747 kBSize

5 Cookies

2 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

data.ringtun.info Open in urlscan Pro
2606:4700:3037::6815:35de Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

95 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

1024 kB
Transfer

2747 kB
Size

5
Cookies

74 HTTP transactions
2 data transactions