www.igortutorsmoney.com Open in urlscan Pro
2a00:1450:4001:814::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://igortutorsmoney.com/
Effective URL:
https://www.igortutorsmoney.com/
Submission: On December 29 via automatic, source certstream-suspicious (December 29th 2020, 8:46:52 pm UTC)

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 15 domains to perform 76 HTTP transactions. The main IP is 2a00:1450:4001:814::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.igortutorsmoney.com.
TLS certificate: Issued by GTS CA 1D2 on December 29th 2020. Valid for: 3 months.

This is the only time www.igortutorsmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
15	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2009	15169 (GOOGLE) (GOOGLE)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST)
2	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4002:80a::2003	15169 (GOOGLE) (GOOGLE)
76	18

1 216.239.36.21 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

igortutorsmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.igortutorsmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:80a::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	blogspot.com 1.bp.blogspot.com 4.bp.blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com	333 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	168 KB
7	doubleclick.net googleads.g.doubleclick.net
5	igortutorsmoney.com 1 redirects igortutorsmoney.com www.igortutorsmoney.com	99 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	47 KB
4	google.com apis.google.com adservice.google.com	86 KB
3	blogger.com www.blogger.com	52 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	fontawesome.com use.fontawesome.com	53 KB
1	amung.us whos.amung.us	144 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	648 B
1	waust.at waust.at	7 KB
1	onesignal.com cdn.onesignal.com	3 KB
76	15

	Domain	Requested by
29	1.bp.blogspot.com	www.igortutorsmoney.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.igortutorsmoney.com
6	pagead2.googlesyndication.com	www.igortutorsmoney.com pagead2.googlesyndication.com
4	www.igortutorsmoney.com	www.igortutorsmoney.com
3	www.blogger.com	www.igortutorsmoney.com apis.google.com
3	4.bp.blogspot.com	www.igortutorsmoney.com
3	fonts.gstatic.com	www.igortutorsmoney.com
3	apis.google.com	www.igortutorsmoney.com apis.google.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	3.bp.blogspot.com	www.igortutorsmoney.com
2	2.bp.blogspot.com	www.igortutorsmoney.com
2	www.google-analytics.com	www.igortutorsmoney.com www.google-analytics.com
2	use.fontawesome.com	www.igortutorsmoney.com use.fontawesome.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	waust.at	www.igortutorsmoney.com
1	cdn.onesignal.com	www.igortutorsmoney.com
1	igortutorsmoney.com	1 redirects
76	22

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.blogger.com
whos.amung.us

Subject Issuer	Validity	Valid
www.igortutorsmoney.com GTS CA 1D2	`2020-12-29` - `2021-03-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.igortutorsmoney.com/
Frame ID: 96F63FC7EC2B63C1522E7229FDA3047D
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: EAAB9E16682A90773A046D0852E421C2
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=741487434053148684&blogName=IGOR+TUTORS+MONEY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.igortutorsmoney.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.igortutorsmoney.com/&vt=3017493417338289996&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: 1B395496D98FEFEC92568A382710EB16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=280&slotname=8598849672&adk=1720352256&adf=3293492714&pi=t.ma~as.8598849672&w=960&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795274&bpp=14&bdt=380&idt=136&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=193139925043&rume=1&frm=20&pv=2&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cvBQIe9Pdy&p=https%3A//www.igortutorsmoney.com&dtd=154
Frame ID: EBD01212A2085B4607FEAF8BE6DF6715
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=1760424138&adf=3640083427&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795288&bpp=3&bdt=394&idt=149&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=397&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0p5V0TmPbi&p=https%3A//www.igortutorsmoney.com&dtd=152
Frame ID: 7BF06ED9A57C112B472CF0D524B5CCF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=4040964745&adf=3891182232&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795291&bpp=1&bdt=397&idt=154&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280%2C300x600&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AAb0KUbQZ&p=https%3A//www.igortutorsmoney.com&dtd=157
Frame ID: 956B198F0DA6D69E39648C9DE3BB6D3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&adk=1812271804&adf=3025194257&lmt=1609274697&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795824&bpp=1&bdt=929&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6699932057e4110f-2297cb8f76b9008d%3AT%3D1609274795%3ART%3D1609274795%3AS%3DALNI_MbycmB3F8gY1YdV-Lo4K5LW90CCDQ&prev_fmts=960x280%2C300x600%2C300x600&nras=1&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=9
Frame ID: 631FF799FE9A608AB64C681DE03F3698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=1760424138&adf=3640083427&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795288&bpp=3&bdt=394&idt=149&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=397&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0p5V0TmPbi&p=https%3A//www.igortutorsmoney.com&dtd=152
Frame ID: 0815E8CA694418C012854A6CB240EEE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=4040964745&adf=3891182232&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795291&bpp=1&bdt=397&idt=154&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280%2C300x600&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AAb0KUbQZ&p=https%3A//www.igortutorsmoney.com&dtd=157
Frame ID: 15DFF7489C2D1DD8599B04E9FDC7DE40
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=741487434053148684&blogName=IGOR+TUTORS+MONEY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.igortutorsmoney.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.igortutorsmoney.com/&vt=3017493417338289996&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: F42392E4AE0F843E409CDCC9B069C641
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 16D5853DBD06F0C438B008FBEC8261FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IGOR TUTORS MONEY

Page URL History Show full URLs

https://igortutorsmoney.com/ HTTP 301
https://www.igortutorsmoney.com/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

76
Requests

100 %
HTTPS

78 %
IPv6

15
Domains

22
Subdomains

18
IPs

2
Countries

895 kB
Transfer

1795 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCDfr-EPLUTbhAFjvLG6eGZA
Title: Canal do Youtube

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/15890778851640398917
Title: IGOR TUTORS MONEY

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/l3jr4pyfrv/
Title: 1

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Saiba Mais

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://igortutorsmoney.com/ HTTP 301
https://www.igortutorsmoney.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.igortutorsmoney.com/
Redirect Chain

https://igortutorsmoney.com/
https://www.igortutorsmoney.com/

343 KB
74 KB

343ms
190ms

Document
text/html

2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38e17e31c01f6ba832a7ec8c6d7cbbf34f91663881388d8a95c17bb10f4fafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.igortutorsmoney.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Tue, 29 Dec 2020 20:46:34 GMT
date: Tue, 29 Dec 2020 20:46:34 GMT
cache-control: private, max-age=0
last-modified: Tue, 29 Dec 2020 20:44:57 GMT
etag: W/"81da95c1ae209df0d29890bc9066b0474f8dffa572f54b03ec2b8721dc1d506a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 75221
server: GSE

Redirect headers

location: https://www.igortutorsmoney.com/
date: Tue, 29 Dec 2020 20:46:34 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 229
x-xss-protection: 0
x-frame-options: SAMEORIGIN

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 32ms
15ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:34 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3005
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 60965f0c399e4a9e-FRA
cf-request-id: 0751d9bba600004a9eebbf3000000001
expires: Wed, 30 Dec 2020 08:46:34 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.10/css/ 36 KB
9 KB 146ms
51ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by: Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 23:10:22 GMT
server: NetDNA-cache/2.2
etag: W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47107
x-xss-protection: 0
server: cafe
etag: 13290078405355148527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_05-15-01.20.46.jpg
1.bp.blogspot.com/-CRPptno6uyc/XTZvCvIKcwI/AAAAAAAADpY/iiIKO64nqlklVG2qniRYduiOOFq_k34CwCK4BGAYYCw/s1600/ 31 KB
31 KB 754ms
726ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-CRPptno6uyc/XTZvCvIKcwI/AAAAAAAADpY/iiIKO64nqlklVG2qniRYduiOOFq_k34CwCK4BGAYYCw/s1600/PicsArt_05-15-01.20.46.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4152e99fb8604a28a3bbb929e2e9bd04533f44f04dc23014fda63b1ad34f32b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="PicsArt_05-15-01.20.46.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31744
x-xss-protection: 0
server: fife
etag: "ve97"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 29 Dec 2020 14:16:54 GMT

GET
H2 200 PicsArt_07-11-04.59.51.jpg
1.bp.blogspot.com/-Sq9NNbxBWZI/XTZuXjy-8OI/AAAAAAAADpM/otjTUSjpX3A6yHPDjsZkXvaR0Jwi-hG4gCK4BGAYYCw/s1600/ 36 KB
36 KB 489ms
487ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Sq9NNbxBWZI/XTZuXjy-8OI/AAAAAAAADpM/otjTUSjpX3A6yHPDjsZkXvaR0Jwi-hG4gCK4BGAYYCw/s1600/PicsArt_07-11-04.59.51.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04f8cabb7ff21b9331af60f450a7e8df04a40e49a46944c811178314f57e0caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "ve94"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_07-11-04.59.51.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36532
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 30ms
27ms Script
application/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

952fa22d64309dd2cfc0b0055b71746a9a18e941ef416f36e6d2886f0e7c307d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xV+uu6yxKSHG4fR9srPDpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "aa3dfcc8f5068ab05df4ff5931bad59d"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-xV+uu6yxKSHG4fR9srPDpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 29 Dec 2020 20:46:35 GMT

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 43ms
20ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 832
cf-request-id: 0751d9bc940000dfdb009c6000000001
last-modified: Tue, 15 Dec 2020 21:50:04 GMT
server: cloudflare
etag: W/"5fd92f8c-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HNjPrsS6ci46wjU5O649x3DOdnjJ9eDNrJoN7sI%2B0oOuaorBfJOA3l3DMhvH005sArE2y6IrcxaJEOA5nGtVAFY9fKKuPhG9oRrOjPHsl2UdrKNV2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 60965f0dbcafdfdb-FRA
expires: Wed, 30 Dec 2020 20:32:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3361
date: Tue, 29 Dec 2020 19:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 29 Dec 2020 21:50:34 GMT

GET
H2 200 /
www.igortutorsmoney.com/ 22 KB
22 KB 200ms
200ms Image
text/html 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.igortutorsmoney.com/

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Dec 2020 20:44:57 GMT
server: GSE
etag: W/"81da95c1ae209df0d29890bc9066b0474f8dffa572f54b03ec2b8721dc1d506a"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 75221
x-xss-protection: 1; mode=block
expires: Tue, 29 Dec 2020 20:46:35 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.igortutorsmoney.com
Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 03:44:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:26:06 GMT
server: sffe
age: 406901
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
expires: Sat, 25 Dec 2021 03:44:54 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 43 KB
43 KB 137ms
44ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Origin: https://www.igortutorsmoney.com
Referer: https://use.fontawesome.com/releases/v5.0.10/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
last-modified: Tue, 10 Apr 2018 23:10:38 GMT
server: NetDNA-cache/2.2
etag: "84f351b3972185aed620f78489e48b2d"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 44068

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 16 KB
16 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.igortutorsmoney.com
Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 21:44:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:52 GMT
server: sffe
age: 82933
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15908
x-xss-protection: 0
expires: Tue, 28 Dec 2021 21:44:22 GMT

GET
H2 200 nth-ify.png
4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w35/ 356 B
753 B 11ms
8ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w35/nth-ify.png

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

584a46e7257c958e0a7e42eabad0adad9bbed47a092e4474ce4a887d58a62fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:28:22 GMT
x-content-type-options: nosniff
age: 1093
content-disposition: inline;filename="nth-ify.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 356
x-xss-protection: 0
server: fife
etag: "v638"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Dec 2020 22:07:21 GMT

GET
H2 200 PicsArt_08-27-10.56.21.jpg
1.bp.blogspot.com/-5EoJDMwZRfg/X0s5sfZAoLI/AAAAAAAAEU4/MoC-eZaYVLIc9gk0GO0tEmwok0SHuVI_ACLcBGAsYHQ/w35/ 1 KB
1 KB 483ms
481ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5EoJDMwZRfg/X0s5sfZAoLI/AAAAAAAAEU4/MoC-eZaYVLIc9gk0GO0tEmwok0SHuVI_ACLcBGAsYHQ/w35/PicsArt_08-27-10.56.21.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

162b90a9d1c894e705005e6650f95bd7955099d6c5f5444360e7879a50a951d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v114f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-27-10.56.21.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 IMG_20200702_145345.jpg
1.bp.blogspot.com/-bzh4pBq8Zvk/Xv4fOv4IU6I/AAAAAAAAEPU/LYNXdMF-ZNIIlVzwZzeyanp1wTy2C9BAACLcBGAsYHQ/w35/ 1 KB
1 KB 489ms
487ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-bzh4pBq8Zvk/Xv4fOv4IU6I/AAAAAAAAEPU/LYNXdMF-ZNIIlVzwZzeyanp1wTy2C9BAACLcBGAsYHQ/w35/IMG_20200702_145345.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

97e1d2769b5e3a030670cd6d447175ecadc5b06905d6ac519114255e6e507bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10f6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200702_145345.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_06-08-10.24.53.jpg
1.bp.blogspot.com/-0ml_gcLjve8/Xt8NKMEl-QI/AAAAAAAAEOk/OFwLcF0rt304wZ5FOzcUZhwpEwi2L-5FQCLcBGAsYHQ/w35/ 1 KB
1 KB 461ms
458ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0ml_gcLjve8/Xt8NKMEl-QI/AAAAAAAAEOk/OFwLcF0rt304wZ5FOzcUZhwpEwi2L-5FQCLcBGAsYHQ/w35/PicsArt_06-08-10.24.53.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f1cc7d020a0bc7a225c9cd5b41389355fbd343433ca0c24d7cb0a5cf32dee9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10ea"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-08-10.24.53.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_06-05-06.48.46.jpg
1.bp.blogspot.com/-ZbIto8f-HDg/Xt0wex9ik9I/AAAAAAAAEOI/-SfLeguy3hQFBRrlJRDj2EHUIoj-6BUTQCLcBGAsYHQ/w35/ 1 KB
1 KB 478ms
476ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZbIto8f-HDg/Xt0wex9ik9I/AAAAAAAAEOI/-SfLeguy3hQFBRrlJRDj2EHUIoj-6BUTQCLcBGAsYHQ/w35/PicsArt_06-05-06.48.46.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6cf582a2386474e987968f420e1e34dde85880509cd20aa78a70d371129f41c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10e3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-05-06.48.46.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1160
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_06-04-11.08.58.jpg
1.bp.blogspot.com/-NB9adi-px9A/XtkCm3YmeyI/AAAAAAAAENk/ZmGLCG9bOBIUltxeusWLxE9mXGdgpFkdQCLcBGAsYHQ/w35/ 1 KB
1 KB 464ms
462ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NB9adi-px9A/XtkCm3YmeyI/AAAAAAAAENk/ZmGLCG9bOBIUltxeusWLxE9mXGdgpFkdQCLcBGAsYHQ/w35/PicsArt_06-04-11.08.58.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66267a25942f70a96567b2823b94ab5ce368745ba5913aca206ce467a1816c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10da"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-04-11.08.58.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1173
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_04-19-11.21.19.jpg
1.bp.blogspot.com/-hKeqNry5pu8/Xp0LVpls1EI/AAAAAAAAEMU/IEoY6Encs7Qq3jABm4yEoSnswOpdcCF9QCLcBGAsYHQ/w35/ 1 KB
1 KB 487ms
486ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-hKeqNry5pu8/Xp0LVpls1EI/AAAAAAAAEMU/IEoY6Encs7Qq3jABm4yEoSnswOpdcCF9QCLcBGAsYHQ/w35/PicsArt_04-19-11.21.19.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d84e14b4bba604c7c4ab0d0b3623a226ea995f810ee7df26eeeec757acbae59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10c6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_04-19-11.21.19.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1131
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 IMG_20200320_002712.jpg
1.bp.blogspot.com/-mRf5Puj1xYQ/XnQ4QIkR_OI/AAAAAAAAELs/vyBl2cIT6_AbgjRXH-B7Qloq_BVDoFKIQCLcBGAsYHQ/w35/ 639 B
740 B 472ms
471ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mRf5Puj1xYQ/XnQ4QIkR_OI/AAAAAAAAELs/vyBl2cIT6_AbgjRXH-B7Qloq_BVDoFKIQCLcBGAsYHQ/w35/IMG_20200320_002712.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e813c882d3610c60b5881ebc4f5cad84c384539bbc5c5dac00756eb0dc6d5145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10bc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200320_002712.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 639
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 IMG_20200320_001519.jpg
1.bp.blogspot.com/-c_3FgUzxpS4/XnQ1qFrppYI/AAAAAAAAEK4/YtRUKJOMGqMFex0wOb96r8wtAfUybZA-ACLcBGAsYHQ/w35/ 651 B
752 B 475ms
474ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-c_3FgUzxpS4/XnQ1qFrppYI/AAAAAAAAEK4/YtRUKJOMGqMFex0wOb96r8wtAfUybZA-ACLcBGAsYHQ/w35/IMG_20200320_001519.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a136b0f23a957f5efa7ac898ef6c232d2d803abd117e14cd3e8ec598943fade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v10b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200320_001519.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_03-19-10.46.59.jpg
1.bp.blogspot.com/-qPU-9BAvZdw/XnQqCx9RkuI/AAAAAAAAEJs/eLXJkBJuBqEqPat4iYuxaOsrFSZ2J0T9gCLcBGAsYHQ/w35/ 1 KB
1 KB 428ms
427ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qPU-9BAvZdw/XnQqCx9RkuI/AAAAAAAAEJs/eLXJkBJuBqEqPat4iYuxaOsrFSZ2J0T9gCLcBGAsYHQ/w35/PicsArt_03-19-10.46.59.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d14dc2f0baa80ca4cd4d9bd37e8f1b67e3a493f4e8fb2e7a91afacae24ac352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v109c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_03-19-10.46.59.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_08-21-09.32.16.jpg
1.bp.blogspot.com/-nl6G5R1-bCM/XV3kkWpPiQI/AAAAAAAAD14/EUNnQIaUrj4JXrDGwwYdBNq3IezQxSgAwCLcBGAs/w35/ 1 KB
1 KB 358ms
358ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nl6G5R1-bCM/XV3kkWpPiQI/AAAAAAAAD14/EUNnQIaUrj4JXrDGwwYdBNq3IezQxSgAwCLcBGAs/w35/PicsArt_08-21-09.32.16.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

122d2da0ed8f67231320866ffe1076c1073977f564d8d5bbf4d36cd73b324f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "vf5f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-21-09.32.16.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1179
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.igortutorsmoney.com
Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 16:37:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:46 GMT
server: sffe
age: 360554
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Sat, 25 Dec 2021 16:37:21 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 138 KB
49 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 11:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 17:03:00 GMT
server: sffe
age: 121194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49552
x-xss-protection: 0
expires: Tue, 28 Dec 2021 11:06:41 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 54 KB
17 KB 36ms
23ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db421d4db0137f9703245f01d9ccfe5414621f2f80350793a561b2d02ec48b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 08:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 17:03:00 GMT
server: sffe
age: 301664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17810
x-xss-protection: 0
expires: Sun, 26 Dec 2021 08:58:51 GMT

GET
H3-Q050 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
811 B 35ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 11:22:06 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=770987657&t=pageview&_s=1&dl=https%3A%2F%2Fwww.igortutorsmoney.com%2F&ul=en-us&de=UTF-8&dt=IGOR%20TUTORS%20MONEY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1015314068&gjid=968695121&cid=1008202090.1609274795&tid=UA-144485100-1&_gid=1431678604.1609274795&_r=1&_slc=1&z=1407642487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.igortutorsmoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 20:46:35 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame EAAB 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 29 Dec 2020 09:58:13 GMT
expires: Tue, 12 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 38902
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookienotice.js Show response
www.igortutorsmoney.com/js/ 6 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.igortutorsmoney.com/js/cookienotice.js

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Dec 2020 20:10:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:46:35 GMT

GET
H2 200 2566653647-widgets.js Show response
www.blogger.com/static/v1/widgets/ 142 KB
52 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2566653647-widgets.js

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

816a527542ad79e1d70328d4a48bcda30a029d1fedbbc7edd628aa2c86a546af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 13:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Dec 2020 11:11:31 GMT
server: sffe
age: 24573
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52709
x-xss-protection: 0
expires: Wed, 29 Dec 2021 13:57:02 GMT

GET
H2 200 summary Show response
www.igortutorsmoney.com/feeds/posts/ 3 KB
1 KB 425ms
425ms Script
text/javascript 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.igortutorsmoney.com/feeds/posts/summary?max-results=1&alt=json&callback=dataFeed

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

78d7159e76c5f29cf7f55a68f147f829ca7d29dde9d861bde889a74702b3c7a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Dec 2020 20:44:57 GMT
server: blogger-renderd
etag: W/"fdebda27bec07a73c3226d9f0d792731df9b17383c14d918d9dd4272d1af19f9"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 1077
x-xss-protection: 0
expires: Tue, 29 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 navbar.g
www.blogger.com/ Frame 1B39 0
0 155ms
142ms Document
text/html 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=741487434053148684&blogName=IGOR+TUTORS+MONEY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.igortutorsmoney.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.igortutorsmoney.com/&vt=3017493417338289996&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=741487434053148684&blogName=IGOR+TUTORS+MONEY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.igortutorsmoney.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.igortutorsmoney.com/&vt=3017493417338289996&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2599
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 PicsArt_04-24-08.39.38.jpg
2.bp.blogspot.com/-J5A-Jx6XDMs/XMH3YBYCjoI/AAAAAAAAABI/BvLNNEljn6Aicmn2rtkkejk8XBBdkct0ACLcBGAs/w35/ 1 KB
1 KB 396ms
393ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-J5A-Jx6XDMs/XMH3YBYCjoI/AAAAAAAAABI/BvLNNEljn6Aicmn2rtkkejk8XBBdkct0ACLcBGAs/w35/PicsArt_04-24-08.39.38.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5d11a3d420660ae7bd7f04a5bf9039cf0095847cd6f9e4569e6ff8eb3a13f9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v13"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_04-24-08.39.38.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1195
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_05-15-01.20.46.jpg
3.bp.blogspot.com/-EL2QSHLcZQ8/XNxO2b61YUI/AAAAAAAADlI/EmvaurOT3Jgm8pTQ7avrvgSRfRcbKOpbQCLcBGAs/w35/ 1 KB
1 KB 376ms
373ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-EL2QSHLcZQ8/XNxO2b61YUI/AAAAAAAADlI/EmvaurOT3Jgm8pTQ7avrvgSRfRcbKOpbQCLcBGAs/w35/PicsArt_05-15-01.20.46.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51ba3b30d0be042411212d9e1486db79caba309a4fcd213cf8601afd9d8b387d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "ve53"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_05-15-01.20.46.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 20190902_193048.jpg
1.bp.blogspot.com/-PPVwTyt1srY/XW2YtGJvdfI/AAAAAAAAD5c/NZR_wmvGAdIgclZLFnsDPQl1U6a1yZnHgCLcBGAs/w35/ 688 B
786 B 368ms
367ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-PPVwTyt1srY/XW2YtGJvdfI/AAAAAAAAD5c/NZR_wmvGAdIgclZLFnsDPQl1U6a1yZnHgCLcBGAs/w35/20190902_193048.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d00d78ebad8dedc053e13d8fc2cf9861cb944ef20d1d155c4503bc856fa8a22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "vf98"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="20190902_193048.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 688
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H2 200 PicsArt_09-11-09.46.36.jpg
1.bp.blogspot.com/-rjfJtxTuVmU/XXjuAsdHhXI/AAAAAAAAD7E/TIUEgUbjkXwGTVtkOH1gXU3xd6jffE_bwCLcBGAsYHQ/w35/ 1 KB
1 KB 380ms
379ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rjfJtxTuVmU/XXjuAsdHhXI/AAAAAAAAD7E/TIUEgUbjkXwGTVtkOH1gXU3xd6jffE_bwCLcBGAsYHQ/w35/PicsArt_09-11-09.46.36.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b7b6ff4cb6b73cda5942b96e71987e24068e69c7b19822d1f99e784d73535078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "vfb2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_09-11-09.46.36.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:35 GMT

GET
H3-Q050 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 49 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5fc863c843ee0f76c21528a7268e27e2e64b6f376914fb2b204c7404893412f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 13:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19702
x-xss-protection: 0
server: cafe
etag: 1588966909384457121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 13:57:34 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
648 B 146ms
52ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.igortutorsmoney.com&callback=_gfp_s_&client=ca-pub-6838513561600926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

a73dd4503ac5258f66439739eb429f4ec27d55fe4155f2fdc018d38aba3a22a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.igortutorsmoney.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.igortutorsmoney.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame EBD0 0
0 122ms
122ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=280&slotname=8598849672&adk=1720352256&adf=3293492714&pi=t.ma~as.8598849672&w=960&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795274&bpp=14&bdt=380&idt=136&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=193139925043&rume=1&frm=20&pv=2&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cvBQIe9Pdy&p=https%3A//www.igortutorsmoney.com&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=280&slotname=8598849672&adk=1720352256&adf=3293492714&pi=t.ma~as.8598849672&w=960&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795274&bpp=14&bdt=380&idt=136&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=193139925043&rume=1&frm=20&pv=2&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cvBQIe9Pdy&p=https%3A//www.igortutorsmoney.com&dtd=154
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Dec 2020 20:46:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Dec-2020 21:01:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Dec 2020 20:46:35 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Tue, 29 Dec 2020 20:46:35 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7BF0 0
0 105ms
104ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=1760424138&adf=3640083427&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795288&bpp=3&bdt=394&idt=149&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=397&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0p5V0TmPbi&p=https%3A//www.igortutorsmoney.com&dtd=152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=1760424138&adf=3640083427&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795288&bpp=3&bdt=394&idt=149&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=397&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0p5V0TmPbi&p=https%3A//www.igortutorsmoney.com&dtd=152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Dec 2020 20:46:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Dec-2020 21:01:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Dec 2020 20:46:35 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 956B 0
0 103ms
103ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=4040964745&adf=3891182232&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795291&bpp=1&bdt=397&idt=154&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280%2C300x600&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AAb0KUbQZ&p=https%3A//www.igortutorsmoney.com&dtd=157

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=4040964745&adf=3891182232&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795291&bpp=1&bdt=397&idt=154&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280%2C300x600&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AAb0KUbQZ&p=https%3A//www.igortutorsmoney.com&dtd=157
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Dec 2020 20:46:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Dec-2020 21:01:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Dec 2020 20:46:35 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 631F 0
0 117ms
117ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&adk=1812271804&adf=3025194257&lmt=1609274697&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795824&bpp=1&bdt=929&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6699932057e4110f-2297cb8f76b9008d%3AT%3D1609274795%3ART%3D1609274795%3AS%3DALNI_MbycmB3F8gY1YdV-Lo4K5LW90CCDQ&prev_fmts=960x280%2C300x600%2C300x600&nras=1&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&adk=1812271804&adf=3025194257&lmt=1609274697&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795824&bpp=1&bdt=929&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6699932057e4110f-2297cb8f76b9008d%3AT%3D1609274795%3ART%3D1609274795%3AS%3DALNI_MbycmB3F8gY1YdV-Lo4K5LW90CCDQ&prev_fmts=960x280%2C300x600%2C300x600&nras=1&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Dec 2020 20:46:35 GMT
server: cafe
content-length: 4267
x-xss-protection: 0
set-cookie: IDE=AHWqTUlQQQ8o05ACTwUKzmU1bykC7hFPDl3S1zozMQeLfP2tR2FdkM9Rlk96iPB5; expires=Sun, 23-Jan-2022 20:46:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Dec 2020 20:46:35 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0815 0
0 130ms
129ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=1760424138&adf=3640083427&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795288&bpp=3&bdt=394&idt=149&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=397&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0p5V0TmPbi&p=https%3A//www.igortutorsmoney.com&dtd=152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Dec 2020 20:46:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUld5kOIyrxvUDt5RcB4kC89Rn9zVFPo54UvdU2gysntViHF4L6ZeGnEithz; expires=Sun, 23-Jan-2022 20:46:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Dec 2020 20:46:35 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 15DF 0
0 94ms
93ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-6838513561600926&output=html&h=600&slotname=8598849672&adk=4040964745&adf=3891182232&pi=t.ma~as.8598849672&w=300&fwrn=4&fwrnh=100&lmt=1609274697&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.igortutorsmoney.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609274795291&bpp=1&bdt=397&idt=154&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x280%2C300x600&correlator=193139925043&rume=1&frm=20&pv=1&ga_vid=1008202090.1609274795&ga_sid=1609274795&ga_hid=770987657&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067982%2C21066613%2C21066615%2C21067087&oid=3&pvsid=3403610912902326&pem=147&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AAb0KUbQZ&p=https%3A//www.igortutorsmoney.com&dtd=157
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Dec 2020 20:46:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUkbW20nDl0AWTdx9GiJqYaxW--Wtn6z_DwAKxT6sokRa6f2vfxFik9eqB1F; expires=Sun, 23-Jan-2022 20:46:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Dec 2020 20:46:35 GMT
cache-control: private

GET
H3-Q050 200 navbar.g
www.blogger.com/ Frame F423 0
0 146ms
146ms Document
text/html 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=741487434053148684&blogName=IGOR+TUTORS+MONEY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.igortutorsmoney.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.igortutorsmoney.com/&vt=3017493417338289996&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Dec 2020 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2596
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 nth-ify.png
4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w380/ 2 KB
2 KB 79ms
60ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w380/nth-ify.png

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b123c9c06d114b5aa466b4ac28fb60399f15973334d74aedfc54c6158ef81322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:28:23 GMT
x-content-type-options: nosniff
age: 1092
content-disposition: inline;filename="nth-ify.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2099
x-xss-protection: 0
server: fife
etag: "v638"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Dec 2020 09:36:35 GMT

GET
H3-Q050 200 PicsArt_08-27-10.56.21.jpg
1.bp.blogspot.com/-5EoJDMwZRfg/X0s5sfZAoLI/AAAAAAAAEU4/MoC-eZaYVLIc9gk0GO0tEmwok0SHuVI_ACLcBGAsYHQ/w380/ 31 KB
31 KB 384ms
365ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5EoJDMwZRfg/X0s5sfZAoLI/AAAAAAAAEU4/MoC-eZaYVLIc9gk0GO0tEmwok0SHuVI_ACLcBGAsYHQ/w380/PicsArt_08-27-10.56.21.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b1eaf488a137ef0b0de0132a04271dcabedf266d4fed4c0df900727a58df2b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v114f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-27-10.56.21.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31682
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 IMG_20200702_145345.jpg
1.bp.blogspot.com/-bzh4pBq8Zvk/Xv4fOv4IU6I/AAAAAAAAEPU/LYNXdMF-ZNIIlVzwZzeyanp1wTy2C9BAACLcBGAsYHQ/w380/ 28 KB
28 KB 300ms
282ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-bzh4pBq8Zvk/Xv4fOv4IU6I/AAAAAAAAEPU/LYNXdMF-ZNIIlVzwZzeyanp1wTy2C9BAACLcBGAsYHQ/w380/IMG_20200702_145345.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d622d88eb785eba0db9672221709338f12feb74230a8f8b3e1e400eb57e4969e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10f6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200702_145345.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28734
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_06-08-10.24.53.jpg
1.bp.blogspot.com/-0ml_gcLjve8/Xt8NKMEl-QI/AAAAAAAAEOk/OFwLcF0rt304wZ5FOzcUZhwpEwi2L-5FQCLcBGAsYHQ/w380/ 29 KB
29 KB 310ms
292ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0ml_gcLjve8/Xt8NKMEl-QI/AAAAAAAAEOk/OFwLcF0rt304wZ5FOzcUZhwpEwi2L-5FQCLcBGAsYHQ/w380/PicsArt_06-08-10.24.53.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d58ad1132eb47b32dc819b6c5974dc14a3f71013d5748cd221703803f0281c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10ea"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-08-10.24.53.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29954
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_06-05-06.48.46.jpg
1.bp.blogspot.com/-ZbIto8f-HDg/Xt0wex9ik9I/AAAAAAAAEOI/-SfLeguy3hQFBRrlJRDj2EHUIoj-6BUTQCLcBGAsYHQ/w380/ 30 KB
30 KB 340ms
323ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZbIto8f-HDg/Xt0wex9ik9I/AAAAAAAAEOI/-SfLeguy3hQFBRrlJRDj2EHUIoj-6BUTQCLcBGAsYHQ/w380/PicsArt_06-05-06.48.46.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9620fa5e9f9ea4a6077e3f2135701c83f0114b565df28301807183777961d7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10e3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-05-06.48.46.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30364
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_06-04-11.08.58.jpg
1.bp.blogspot.com/-NB9adi-px9A/XtkCm3YmeyI/AAAAAAAAENk/ZmGLCG9bOBIUltxeusWLxE9mXGdgpFkdQCLcBGAsYHQ/w380/ 32 KB
32 KB 325ms
307ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NB9adi-px9A/XtkCm3YmeyI/AAAAAAAAENk/ZmGLCG9bOBIUltxeusWLxE9mXGdgpFkdQCLcBGAsYHQ/w380/PicsArt_06-04-11.08.58.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd3bf399e728cd84ceedf115e9543de51a8e9efdf55fab71fcce7faf3159c5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10da"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-04-11.08.58.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33119
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_04-19-11.21.19.jpg
1.bp.blogspot.com/-hKeqNry5pu8/Xp0LVpls1EI/AAAAAAAAEMU/IEoY6Encs7Qq3jABm4yEoSnswOpdcCF9QCLcBGAsYHQ/w380/ 28 KB
28 KB 319ms
302ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-hKeqNry5pu8/Xp0LVpls1EI/AAAAAAAAEMU/IEoY6Encs7Qq3jABm4yEoSnswOpdcCF9QCLcBGAsYHQ/w380/PicsArt_04-19-11.21.19.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f8629dc2992b66a544c88053ec687f7b6f5f2302d71bf547c347109cc67963b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10c6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_04-19-11.21.19.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28530
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 IMG_20200320_002712.jpg
1.bp.blogspot.com/-mRf5Puj1xYQ/XnQ4QIkR_OI/AAAAAAAAELs/vyBl2cIT6_AbgjRXH-B7Qloq_BVDoFKIQCLcBGAsYHQ/w380/ 13 KB
13 KB 295ms
277ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mRf5Puj1xYQ/XnQ4QIkR_OI/AAAAAAAAELs/vyBl2cIT6_AbgjRXH-B7Qloq_BVDoFKIQCLcBGAsYHQ/w380/IMG_20200320_002712.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a8edae8fd9272927b0cc355d7c6219bd09afc742bc149c7ea33b40ef7e00f9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10bc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200320_002712.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13305
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 IMG_20200320_001519.jpg
1.bp.blogspot.com/-c_3FgUzxpS4/XnQ1qFrppYI/AAAAAAAAEK4/YtRUKJOMGqMFex0wOb96r8wtAfUybZA-ACLcBGAsYHQ/w380/ 11 KB
11 KB 271ms
254ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-c_3FgUzxpS4/XnQ1qFrppYI/AAAAAAAAEK4/YtRUKJOMGqMFex0wOb96r8wtAfUybZA-ACLcBGAsYHQ/w380/IMG_20200320_001519.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc0265708c8a0398df34e7277820cec9a38c785a70e8895008fae0919b840e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200320_001519.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11572
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 nth-ify.png
4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w120/ 780 B
858 B 90ms
72ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w120/nth-ify.png

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

574ec43bc1baf72f8daab5b67a4ecfc62c7fd627e97fa26612c207689458aaa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="nth-ify.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 780
x-xss-protection: 0
server: fife
etag: "v638"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 29 Dec 2020 02:51:08 GMT

GET
H3-Q050 200 PicsArt_03-19-10.46.59.jpg
1.bp.blogspot.com/-qPU-9BAvZdw/XnQqCx9RkuI/AAAAAAAAEJs/eLXJkBJuBqEqPat4iYuxaOsrFSZ2J0T9gCLcBGAsYHQ/w120/ 6 KB
6 KB 300ms
283ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qPU-9BAvZdw/XnQqCx9RkuI/AAAAAAAAEJs/eLXJkBJuBqEqPat4iYuxaOsrFSZ2J0T9gCLcBGAsYHQ/w120/PicsArt_03-19-10.46.59.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7dbd1104ef95d0a50eb190f76f0987e22431ea56727a3ee38215313d5c4d8f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v109c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_03-19-10.46.59.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6265
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_08-21-09.32.16.jpg
1.bp.blogspot.com/-nl6G5R1-bCM/XV3kkWpPiQI/AAAAAAAAD14/EUNnQIaUrj4JXrDGwwYdBNq3IezQxSgAwCLcBGAs/w120/ 6 KB
6 KB 201ms
183ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nl6G5R1-bCM/XV3kkWpPiQI/AAAAAAAAD14/EUNnQIaUrj4JXrDGwwYdBNq3IezQxSgAwCLcBGAs/w120/PicsArt_08-21-09.32.16.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

24706b90aee2e0a798ef6b358d856f691d8773a2aa50dc367c9cc498d79f1a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "vf5f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-21-09.32.16.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6220
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 IMG_20200320_001519.jpg
1.bp.blogspot.com/-c_3FgUzxpS4/XnQ1qFrppYI/AAAAAAAAEK4/YtRUKJOMGqMFex0wOb96r8wtAfUybZA-ACLcBGAsYHQ/w120/ 3 KB
3 KB 275ms
258ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-c_3FgUzxpS4/XnQ1qFrppYI/AAAAAAAAEK4/YtRUKJOMGqMFex0wOb96r8wtAfUybZA-ACLcBGAsYHQ/w120/IMG_20200320_001519.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb841c8fcef723be2c7d27f26067362911347162c21bfc0e94d812ba3e249c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="IMG_20200320_001519.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2631
x-xss-protection: 0
server: fife
etag: "v10b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 29 Dec 2020 14:16:55 GMT

GET
H3-Q050 200 PicsArt_04-24-08.39.38.jpg
2.bp.blogspot.com/-J5A-Jx6XDMs/XMH3YBYCjoI/AAAAAAAAABI/BvLNNEljn6Aicmn2rtkkejk8XBBdkct0ACLcBGAs/w120/ 6 KB
6 KB 362ms
345ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-J5A-Jx6XDMs/XMH3YBYCjoI/AAAAAAAAABI/BvLNNEljn6Aicmn2rtkkejk8XBBdkct0ACLcBGAs/w120/PicsArt_04-24-08.39.38.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6829f6f4818308447687c638575dd1c992982013811c63ec6c95211643935b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v13"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_04-24-08.39.38.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6134
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 IMG_20200320_002712.jpg
1.bp.blogspot.com/-mRf5Puj1xYQ/XnQ4QIkR_OI/AAAAAAAAELs/vyBl2cIT6_AbgjRXH-B7Qloq_BVDoFKIQCLcBGAsYHQ/w120/ 3 KB
3 KB 306ms
288ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mRf5Puj1xYQ/XnQ4QIkR_OI/AAAAAAAAELs/vyBl2cIT6_AbgjRXH-B7Qloq_BVDoFKIQCLcBGAsYHQ/w120/IMG_20200320_002712.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f2d0bf08df93eaa4837be51c4689ae5b53e9546c32f6167432c8c99fbcb475b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10bc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20200320_002712.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2606
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_05-15-01.20.46.jpg
3.bp.blogspot.com/-EL2QSHLcZQ8/XNxO2b61YUI/AAAAAAAADlI/EmvaurOT3Jgm8pTQ7avrvgSRfRcbKOpbQCLcBGAs/w120/ 5 KB
5 KB 208ms
190ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-EL2QSHLcZQ8/XNxO2b61YUI/AAAAAAAADlI/EmvaurOT3Jgm8pTQ7avrvgSRfRcbKOpbQCLcBGAs/w120/PicsArt_05-15-01.20.46.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37473a8ec9166a2b1b12d97aeba8cfb424c51246ef942e460a305b06c869e7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "ve53"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_05-15-01.20.46.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5491
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 20190902_193048.jpg
1.bp.blogspot.com/-PPVwTyt1srY/XW2YtGJvdfI/AAAAAAAAD5c/NZR_wmvGAdIgclZLFnsDPQl1U6a1yZnHgCLcBGAs/w120/ 3 KB
3 KB 209ms
192ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-PPVwTyt1srY/XW2YtGJvdfI/AAAAAAAAD5c/NZR_wmvGAdIgclZLFnsDPQl1U6a1yZnHgCLcBGAs/w120/20190902_193048.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e2c2968b4163dfd225cf3aa5ce347de3cb33ef5c14eedf5de025904d1301e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="20190902_193048.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2587
x-xss-protection: 0
server: fife
etag: "vf98"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 29 Dec 2020 14:16:55 GMT

GET
H3-Q050 200 PicsArt_09-11-09.46.36.jpg
1.bp.blogspot.com/-rjfJtxTuVmU/XXjuAsdHhXI/AAAAAAAAD7E/TIUEgUbjkXwGTVtkOH1gXU3xd6jffE_bwCLcBGAsYHQ/w120/ 6 KB
6 KB 205ms
188ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rjfJtxTuVmU/XXjuAsdHhXI/AAAAAAAAD7E/TIUEgUbjkXwGTVtkOH1gXU3xd6jffE_bwCLcBGAsYHQ/w120/PicsArt_09-11-09.46.36.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d1f8619ccce98b9b701348e9cb5e5f3837d7d53df61360b9c66494c56982e80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "vfb2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_09-11-09.46.36.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5955
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 PicsArt_06-05-06.48.46.jpg
1.bp.blogspot.com/-ZbIto8f-HDg/Xt0wex9ik9I/AAAAAAAAEOI/-SfLeguy3hQFBRrlJRDj2EHUIoj-6BUTQCLcBGAsYHQ/w120/ 6 KB
6 KB 325ms
308ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZbIto8f-HDg/Xt0wex9ik9I/AAAAAAAAEOI/-SfLeguy3hQFBRrlJRDj2EHUIoj-6BUTQCLcBGAsYHQ/w120/PicsArt_06-05-06.48.46.jpg

Requested by

Host: www.igortutorsmoney.com
URL: https://www.igortutorsmoney.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

50fb6fd17fcf25f9845a6f10e3912f04565e3fdc909cfb5dc952d9be0fedaa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v10e3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_06-05-06.48.46.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5763
x-xss-protection: 0
expires: Wed, 30 Dec 2020 20:46:36 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
144 B 435ms
145ms Script
text/javascript 67.202.94.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=l3jr4pyfrv&t=IGOR%20TUTORS%20MONEY&c=d&x=https%3A%2F%2Fwww.igortutorsmoney.com%2F&y=&a=0&v=27&r=616
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 1cafe9b8fc0bed0d6bb16b7b2b241e6ad6b92609bdc3ccd1be1c61bc1d0b11fc

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

add715400044fb7ee2820a4a131fae8601047542cd25aae5d4bd2cd118d3546c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 20:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6334
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 20:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 29 Dec 2020 20:46:36 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 16D5 0
0 34ms
20ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.igortutorsmoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.igortutorsmoney.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 29 Dec 2020 20:02:01 GMT
expires: Wed, 29 Dec 2021 20:02:01 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2675
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=3403610912902326&bg=!MzClMBDNAAUbEDgJG1jwueEi4M9TmAIAAACIUgAAABJoAQcKAP70E7Nv-Vtg8dowyNwMQ7rUn-BuL9GVDsBfjxO8B1zOO0iRoDWZSV9FsxOcOAKHhRMsmfKL0wedJSo52zviEQ_2roTTajOKAsv7a8-5hkVqyYrYsCQfll6VHvPUQdGx47Gy3ohR2eATToPv5DbpWCYjz99rDrxZhnFOT0EIhwyEZNgNuOMXIIBud1pEaGoNAOqBdSF6By6pnL0Y38C-EKuzeYciNYILdfba2Lt3t9B-83cicfN9K1OGhTbl9PuPsr5JxGd-2MGO9JC2RwtUj2UtI8CSJM9k5TulwKFlCKVDxbnOPRRay9jIXNEOQUv-YsYok-F7aSq5aevDnXqJhJkBwB4e7Now7nyxIyJBUEKGkZ6of7pKZgFHOwfh1zwXOe6xysg-Vq8UkjbY7hyc9TnedwTpbbktVLkkILimZQH92YHeMe2cEMXD5A2B24yS0GPWJZiopfmwnDmSX0zA3njeq22VFKOpF-r8NXGK8qnFtcZeTfJ79FDpWhr4KWRXpJE94RhP1m8CfN4HDS9uIxGKetCyxz0h06p-pIbND2Yzxv8yIB1ZpvpJL9ddd1ntTb9KjkNMu5Hpc6lvsbPcGj80c0dwyAnn1P_nsH_M86dIUomKxplly4CNS8ZhV_fVpwraymCbYjVX-5eGA4RuofAUNaKlhwe8zIGVh3L0fnUMs6cP4ZbVFAtS-eoOBnvH37ElYHLsolxfPaDMhIdhVRr6N0OJ_kOwpEvEcyHM8tGb9uFzbPkS3m_IrpDMGRPDYX204DGhjfjeJamJ0cZdui7zuNK0B_1lJB_KrtKDUqh_46fyWbPgf6yx3Wkc8QhADajDnZmK7uqn4rgvR6gdQL8Ibtvp5solYN7UdFNbpiPLPt1apUed5UBfT4zL2mz0I2pIUa7InwMOVnG_ELwazkdkR4sM4RAl6mncaWUtXoskHco

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 20:46:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
331 B 324ms
108ms Other
image/gif 2607:f8b0:4002:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kjagnv7f&c=3403610912902326&e=21067982%2C21066613%2C21066615%2C21067087&ctx=1&met.3=780.ok~779.ok~247.on~248.on~164.oo_a~165.ol_e~247.oz~248.oz~164.p0_2~165.oz_3~247.p2~248.p2~164.p2~165.p1_1~166.of_n~780.p3~779.p3~166.p3~780.p6~779.p6~166.p6~326.sf_1~161.sg_1~216.sd_7~215.sd_7~639.t1~160.t1~326.t4~161.t4~216.t4_1~215.t4_1~639.t9~160.t9~189.ta~326.tc~161.tc~216.tc_1~215.tc_1~639.tg~160.tg~189.tg~112.th_1~189.tj~298.u0~298.u0~298.u7~155.to_n~168.wd~168.wd~168.wd~168.wd~168.wd~168.wd~168.wd~168.wd_1~168.wd_1~168.we~168.we~168.we~168.wf~168.wf~168.wf~168.wf~168.wf~168.wf~132.wf~168.wf~168.wf~168.wf~168.wf~168.wf~168.wf~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~168.wg~132.wg~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~168.wn~132.wn~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~132.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wo~168.wp~168.wo~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~132.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~168.wp~132.wp~629.wr~143.x3_2~132.ya~132.yc~132.ye~143.zy_3~129.119_1~143.12t_6~326.13w_1~161.13x~164.13v_3~165.13u_4~298.145~639.147~160.147~189.15h~143.15r_6~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17k~168.17l~168.17l~168.17l~132.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~168.17l~132.17l~168.17l~168.17l~132.17n~429.17n~129.188~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~168.18h~132.18h~168.18h~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~168.18i~132.18i~168.18i~168.18i~143.18p_2~132.19s~132.19t~143.1bj_1~143.1ed_2~129.1f6~154.1h6~143.1he_2~113.1hg_8~153.1jz~143.1k8_3~129.1m5~143.1n3_2~143.1px_2~143.1sr_3~143.1vl_2~143.1yf_1~143.219_2~143.243_2~143.26x_2~143.29q_1&met.1=1.kjagnudx~6.4f~7.4g~8.82~9.82~10.8o~11.87~12.8o~13.dy~14.o9~15.e1~16.13u~17.13v~18.153~19.1h6~20.1h6~21.1h7~22.m9~23.m9&met.7=CBsQCiD_AzggwAHR3viCDQ~CBsQByD_AziUAcABvdqozwU~CAEQChgBIMsFKMsFMIUGODpAzAVIzwVQzwVY5QVg1QVo5gVw_QV4l_YCgAGD8AKIAdqpCLABAbgBA8AB3o6_mwE~CBsQBiDOBTj2BcABxrjIrgI~CBsQBiDPBTiNBMABrLPjrws~CBsQChgBIM8FKM8FMIkGODpo7AVwhwZ4_JcBgAGjlAGIAdyFA7ABAbgBA8ABoNj1Fg~CBsQCiDRBThFwAHfi4PJAQ~CBsQCiDoBTgMwAHZ67DzCg~CBsQAiDvBTjkAcABwfyLgQ4~CBMQAhgBIPEFKPEFMPsFOAlo9AVw-gV483mAAfh4iAH4eKoBEwoNc291cmNlc2Fuc3BybxALGAKwAQG4AQPAAZmhv70C~CBsQAiDxBTi3AcAB2Of9rAY~CBMQAhgBIJUGKJUGMLoGOCRAlgZIlgZQlgZYuAZglgZopAZwuQZ49X6AAaR8iAGkfKoBEwoNc291cmNlc2Fuc3BybxALGAKwAQG4AQPAAfKbuQM~CBsQAiCiBjgLwAHQ4efqBA~CBsQAiCiBjjkA8ABo6Dy8QU~CBsQAiCjBjjqA8ABn8nOQQ~CBsQAiCjBjjOA8ABi9fllww~CBsQAiCjBjjfA8ABrvnN2Aw~CBsQAiCjBjjRA8ABq4WCxgc~CBsQAiCjBjjoA8ABy6OdjQs~CBsQAiCjBjjaA8ABxu6ZyQI~CBsQAiCjBjjdA8AB2JXamg8~CBsQAiDBBjiuA8AB6J2d4ww~CBsQAiDBBjjnAsAB44Kmzgo~CBMQAhgBIMIGKMIGMMoGOAhowwZwygZ4kHyAAah7iAGoe6oBEwoNc291cmNlc2Fuc3BybxALGAKwAQG4AQPAAbXelpkM~CBsQChgBIOAGKOAGMIoHOCrAAZvQnOgC~CBsQChgBIOAGKOAGMIgHOCjAAciZ52Q~CBwQChgBIOEGKOEGMIUHOCRA4QZI4gZQ4gZYgwdg4gZo7wZwhAd4qwaAAUOIAS-wAQG4AQPAAbLe8vsL~CBsQDSDsBjgNwAGAkfKHCA~CBwQChgBIPYGKPYGMK0HODho9gZwnAd4pbwFgAG3uwWIAdvNDrABAbgBA8AB7OzN8w4~CAwQBRgBIIIHKIIHMIwHOAlohQdwiwd4xCeAAbsmiAHGVbABAbgBA8ABpaqU2AE~CBsQCiCnBzgQwAGsmsmxCw~CBsQCiCoBzgjwAGl-Mcp~CBsQCiDLBzirA8AB1dn6pgE~CBsQBSDrBzilAcAB3uLm5Q4~CBsQAiDwBziNA8ABw-CUwwk~CBsQAiDwBzj6AsABypiV6gs~CBsQAiDwBzjyAsAB2sSBugI~CBsQAiDwBzj-AsABjuOxtQc~CBwQChgBIIAIKIAIMIcIOAdogQhwhwh42JoBgAH2mQGIAcuEA7ABAbgBA8ABxPDQzQk~CBsQChgBIIgIKIgIMJoJOJIBQIkISIoIUIoIWOYIYKMIaOYIcJoJeIgFgAHHAYgB0QGwAQG4AQPAAeSq4PAC~CC8QBxgBIIkIKIkIMKwIOCNAiQhIighQighYnQhgjwhonQhwqwh4owaAAWiIAW2wAQG4AQPAAe21srAK~CC8QBxgBIIkIKIkIMK0IOCRAighIighQighYnQhgjwhonghwrQh4owaAAWiIAW2wAQG4AQPAAZv_iccH~CAUQBRgBIJIIKJIIMI4JOHxokwhwjQl43wGAAccBiAGPA7ABAbgBA8ABkMey8Ag~CCoQChgBIJQIKJQIMKYIOBHAAab7gJMH~CAUQBRgBIJwIKJwIMIYJOGponghwhQl42wOAAccBiAGPA7ABAbgBA8ABkMey8Ag~CAUQBRgBIKMIKKMIMIwJOGlopQhwjAl43wGAAccBiAGPA7ABAbgBA8ABkMey8Ag~CAUQBRgBIKULKKULMJwMOHdopgtwmwx4zyKAAashiAGfS7ABAbgBA8ABkMey8Ag~CAUQBRgBILkLKLkLMLwMOIMBaLoLcLsMeOcCgAHHAYgBjwOwAQG4AQPAAZDHsvAI~CAUQBRgBILoLKLoLMJkMOF9ovAtwmQx4tQOAAccBiAGPA7ABAbgBA8ABkMey8Ag~CBsQBSC7CzicAcAB3uLm5Q4~CBsQBiDBCzhQwAHmlOryBg~CBsQBiDCCziCA8AB4-i9lQM~CBsQBiDCCziwAsABvbiMlg0~CBsQBiDCCzi4AsABz-6xoAU~CBsQBiDCCzjWAsAB1K7JhQM~CBsQBiDCCzjIAsABhaW40wQ~CBsQBiDCCzjBAsAB-Pif1Aw~CBsQBiDCCzipAsAB8c7-vwM~CBsQBiDCCziQAsABsd-tnAo~CBsQBiDCCzhbwAHOkPHxBA~CBsQBiDCCzitAsABruGHmAI~CBsQBiDCCzjKAcABueCJ9Ak~CBsQBiDDCziUAsAB6PqPwgQ~CBsQBiDDCzjsAsABmOr3sAc~CBsQBiDDCzizAsAB7-qhlAk~CBsQBiDDCzjSAcAB4ITA0gs~CBsQBiDDCzjTAcABlp3O2wU~CBsQBiDDCzjPAcABldWZFA~CBsQBiDDCzjHAsAB8quiiAE~CBsQCiDECzi0A8ABg-nFmgY~CBsQCDj7DsABwfyLgQ4
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/rum_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.igortutorsmoney.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 20:46:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 00:22:50	Name: IDE Value: AHWqTUld5kOIyrxvUDt5RcB4kC89Rn9zVFPo54UvdU2gysntViHF4L6ZeGnEithz
.igortutorsmoney.com/	1970-01-20 00:22:50	Name: __gads Value: ID=6699932057e4110f-2297cb8f76b9008d:T=1609274795:RT=1609274795:S=ALNI_MbycmB3F8gY1YdV-Lo4K5LW90CCDQ
.igortutorsmoney.com/	1970-01-19 15:01:14	Name: _gat_blogger Value: 1
.igortutorsmoney.com/	1970-01-19 15:02:41	Name: _gid Value: GA1.2.1431678604.1609274795
.igortutorsmoney.com/	1970-01-20 08:32:26	Name: _ga Value: GA1.2.1008202090.1609274795

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
apis.google.com
cdn.onesignal.com
csi.gstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
igortutorsmoney.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
use.fontawesome.com
waust.at
whos.amung.us
www.blogger.com
www.google-analytics.com
www.googletagservices.com
www.igortutorsmoney.com
172.217.21.226
216.239.36.21
23.111.9.35
2606:4700:20::ac43:4739
2606:4700::6812:e134
2607:f8b0:4002:80a::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:814::2013
2a00:1450:4001:818::200e
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2009
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
67.202.94.94
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f8cabb7ff21b9331af60f450a7e8df04a40e49a46944c811178314f57e0caf
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0f2d0bf08df93eaa4837be51c4689ae5b53e9546c32f6167432c8c99fbcb475b
0f8629dc2992b66a544c88053ec687f7b6f5f2302d71bf547c347109cc67963b
122d2da0ed8f67231320866ffe1076c1073977f564d8d5bbf4d36cd73b324f05
162b90a9d1c894e705005e6650f95bd7955099d6c5f5444360e7879a50a951d5
1cafe9b8fc0bed0d6bb16b7b2b241e6ad6b92609bdc3ccd1be1c61bc1d0b11fc
24706b90aee2e0a798ef6b358d856f691d8773a2aa50dc367c9cc498d79f1a87
37473a8ec9166a2b1b12d97aeba8cfb424c51246ef942e460a305b06c869e7ac
38e17e31c01f6ba832a7ec8c6d7cbbf34f91663881388d8a95c17bb10f4fafa5
4152e99fb8604a28a3bbb929e2e9bd04533f44f04dc23014fda63b1ad34f32b6
50fb6fd17fcf25f9845a6f10e3912f04565e3fdc909cfb5dc952d9be0fedaa75
51ba3b30d0be042411212d9e1486db79caba309a4fcd213cf8601afd9d8b387d
574ec43bc1baf72f8daab5b67a4ecfc62c7fd627e97fa26612c207689458aaa4
584a46e7257c958e0a7e42eabad0adad9bbed47a092e4474ce4a887d58a62fd8
5d11a3d420660ae7bd7f04a5bf9039cf0095847cd6f9e4569e6ff8eb3a13f9ab
66267a25942f70a96567b2823b94ab5ce368745ba5913aca206ce467a1816c8c
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6cf582a2386474e987968f420e1e34dde85880509cd20aa78a70d371129f41c9
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
78d7159e76c5f29cf7f55a68f147f829ca7d29dde9d861bde889a74702b3c7a9
7dbd1104ef95d0a50eb190f76f0987e22431ea56727a3ee38215313d5c4d8f14
7f1cc7d020a0bc7a225c9cd5b41389355fbd343433ca0c24d7cb0a5cf32dee9b
816a527542ad79e1d70328d4a48bcda30a029d1fedbbc7edd628aa2c86a546af
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
952fa22d64309dd2cfc0b0055b71746a9a18e941ef416f36e6d2886f0e7c307d
9620fa5e9f9ea4a6077e3f2135701c83f0114b565df28301807183777961d7ff
97e1d2769b5e3a030670cd6d447175ecadc5b06905d6ac519114255e6e507bd7
9d14dc2f0baa80ca4cd4d9bd37e8f1b67e3a493f4e8fb2e7a91afacae24ac352
9e2c2968b4163dfd225cf3aa5ce347de3cb33ef5c14eedf5de025904d1301e38
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a136b0f23a957f5efa7ac898ef6c232d2d803abd117e14cd3e8ec598943fade8
a6829f6f4818308447687c638575dd1c992982013811c63ec6c95211643935b3
a73dd4503ac5258f66439739eb429f4ec27d55fe4155f2fdc018d38aba3a22a9
a8edae8fd9272927b0cc355d7c6219bd09afc742bc149c7ea33b40ef7e00f9a2
add715400044fb7ee2820a4a131fae8601047542cd25aae5d4bd2cd118d3546c
b123c9c06d114b5aa466b4ac28fb60399f15973334d74aedfc54c6158ef81322
b1eaf488a137ef0b0de0132a04271dcabedf266d4fed4c0df900727a58df2b00
b5fc863c843ee0f76c21528a7268e27e2e64b6f376914fb2b204c7404893412f
b7b6ff4cb6b73cda5942b96e71987e24068e69c7b19822d1f99e784d73535078
bc0265708c8a0398df34e7277820cec9a38c785a70e8895008fae0919b840e0a
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d00d78ebad8dedc053e13d8fc2cf9861cb944ef20d1d155c4503bc856fa8a22e
d1f8619ccce98b9b701348e9cb5e5f3837d7d53df61360b9c66494c56982e80e
d58ad1132eb47b32dc819b6c5974dc14a3f71013d5748cd221703803f0281c1c
d622d88eb785eba0db9672221709338f12feb74230a8f8b3e1e400eb57e4969e
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
d84e14b4bba604c7c4ab0d0b3623a226ea995f810ee7df26eeeec757acbae59c
db421d4db0137f9703245f01d9ccfe5414621f2f80350793a561b2d02ec48b1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e813c882d3610c60b5881ebc4f5cad84c384539bbc5c5dac00756eb0dc6d5145
eb841c8fcef723be2c7d27f26067362911347162c21bfc0e94d812ba3e249c5f
fd3bf399e728cd84ceedf115e9543de51a8e9efdf55fab71fcce7faf3159c5c3
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

www.igortutorsmoney.com Open in urlscan Pro 2a00:1450:4001:814::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

78 %IPv6

15 Domains

22 Subdomains

18 IPs

2 Countries

895 kBTransfer

1795 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.igortutorsmoney.com Open in urlscan Pro
2a00:1450:4001:814::2013 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

78 %
IPv6

15
Domains

22
Subdomains

18
IPs

2
Countries

895 kB
Transfer

1795 kB
Size

5
Cookies

76 HTTP transactions
1 data transactions