modsbase.com Open in urlscan Pro
2606:4700:20::681a:74f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Submission: On July 01 via manual (July 1st 2021, 3:17:51 am UTC) from FI

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 104 HTTP transactions. The main IP is 2606:4700:20::681a:74f, located in United States and belongs to CLOUDFLARENET, US. The main domain is modsbase.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 19th 2021. Valid for: a year.

This is the only time modsbase.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:20:... 2606:4700:20::681a:74f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	172.255.6.145 172.255.6.145	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:2212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
104	24

23 2606:4700:20::681a:74f (United States)

ASN13335 (CLOUDFLARENET, US)

modsbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.145 (Netherlands)

ASN7979 (SERVERS-COM, US)

alignclamstram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

formerdrearybiopsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2212 (United States)

ASN13335 (CLOUDFLARENET, US)

cookieinfoscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	347 KB
23	modsbase.com modsbase.com	1 MB
15	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	95 KB
5	google.com 3 redirects adservice.google.com www.google.com	829 B
4	googletagservices.com www.googletagservices.com	141 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	18 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	fontawesome.com use.fontawesome.com	16 KB
1	googleapis.com fonts.googleapis.com	674 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	657 B
1	cookieinfoscript.com cookieinfoscript.com	4 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	formerdrearybiopsy.com formerdrearybiopsy.com
1	alignclamstram.com alignclamstram.com	1 KB
104	16

	Domain	Requested by
27	tpc.googlesyndication.com	modsbase.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
23	modsbase.com	modsbase.com
16	pagead2.googlesyndication.com	modsbase.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com modsbase.com googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	maxcdn.bootstrapcdn.com	modsbase.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	use.fontawesome.com	modsbase.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cookieinfoscript.com	modsbase.com
1	www.googletagmanager.com	modsbase.com
1	formerdrearybiopsy.com	modsbase.com
1	alignclamstram.com	modsbase.com
104	20

This site contains links to these domains. Also see Links.

Domain
cookieinfoscript.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-19` - `2022-06-18`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
alignclamstram.com R3	`2021-06-03` - `2021-09-01`	3 months	crt.sh
formerdrearybiopsy.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Frame ID: 37A2A46787B52BEBDABACEB2EBABA640
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html
Frame ID: 93CF4D72EB6A305EA6C18924365BCF35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117
Frame ID: B71A4C5753098BF1B0394E4BDD34AB19
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160
Frame ID: D5D038115ADEC0D093C137D4F9BBF3E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178
Frame ID: 890CC04D2E186EDB9455312415EB9ED4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&adk=1812271804&adf=3025194257&lmt=1625109452&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452517&bpp=1&bdt=179&idt=182&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280%2C350x300&nras=1&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=187
Frame ID: 9298CE071EC8DC90AD8985B51490D51A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html
Frame ID: 3EBAB8A4DB5DE1B297136E929A400BAD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2ryWzDPdYL3mKtXH7gPj1Ji4D5uIjMJgt7CerYwNy5iSzKQfEAEgmMSpKmCVAqAB2pH3oALIAQmpAssNU0MM5bM-qAMByANIqgT0AU_Qjg_PBHE72G88O6145sdh_UmTIlRuIXHiQ1nc6r6mmqSuSTFd7PV3Td4x5Th_M6NCyiu3TFDMsmMGybsDaMi8rImZWXL3feB3dQDBn1LO4X2uNI1U2nGU-x6Fpyv9mBxYyIHSYBb4PwA1eVcdTkXGTZhGnIykeC_0qaj3TByGqjrftHYoy_AqCyvLQIz0_-vQYthnccXwE-3n31q_OnvNiNvGcfMK98ctWpvQuF2tTvWvtcLy3zbcBLudMRa4Hf-XUXzymy1qfWR8FISEARV99c9lxcXk0B23Ujvju4Gk2cEzqPTA3vsOMXOFdVuCW61PJVnABJ-wpIumA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeO7ojfAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDy1wTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItOTYzOTM5NDk2NTAzMTYwNA&sigh=P23CzjM_RWw&template_id=419
Frame ID: 781F954C3F5D33250699E41A896E6014
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CD128727A2E8E3483E7287C5FA23F6E8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9FCC03D84B5AAE9882005BF25E8924D3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: 01625F341BBA0BCA9D66757A1BDECBA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html
Frame ID: 8D1D885EDFE0414354D729855CCEF668
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1wvLzDPdYOjrKZCN7gPjkpOwB5uIjMJgk7z6h_gM65mSzKQfEAEgmMSpKmCVAqAB2pH3oALIAQmpAgAbfZJZ5bM-qAMByANIqgTuAU_QQnJ988C_iIwkI7-YkLP3d_PN1VTq_DcaIjZckO_ODrVp_M1LK0qXr6zQI6HTr7AfVw9flcvFJ06yNiwvgzBIiTeDwMjnzxUxf1HY5_Ydat9s8f8VsiVVzXf1ou2c2a9q-J42UILmjSlrOzG1CvrpmQByu5cZWhIGOBjBFYMKXyBBRsdKLShl976LOi8wdWERPm45_W4-jwGUWfjr2RANeIzun2jO4bHJ_f8kbARhy_CBqazKAdf3bzbEJTc-5bn5D-cQgETzJX0hZl7AlVKijWM8rD0dHXB8HSZr3JyxhR5mX2FxGLtmuJgxAUjABJ-wpIumA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeO7ojfAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCH0ATSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItOTYzOTM5NDk2NTAzMTYwNA&sigh=CbLDMaC_BoI&template_id=419
Frame ID: F7544E56F1E562870844A73264095797
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2859DF1B85D434700F7F3A203467E01A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A096FDBA0BAD6510CE57643E64FB1C92
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B729CA23A0A8F826FD0C725727C77FAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

104
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

20
Subdomains

24
IPs

4
Countries

2263 kB
Transfer

3663 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cookieinfoscript.com/
Title: cookie script

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

104 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request HydrangeaChainsaw_-_Kawaii_Stuff.zip.html Show response
modsbase.com/3pplqw9uasz1/ 13 KB
4 KB 222ms
205ms Document
text/html 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4150da9efaa6c36e9e80dd100b386def593ff54298916592ea13b842d10c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: modsbase.com
:scheme: https
:path: /3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Wed, 30 Jun 2021 03:17:32 GMT
set-cookie: lang=english; domain=.modsbase.com; path=/ aff=51277; domain=.modsbase.com; path=/; expires=Thu, 15-Jul-2021 03:17:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0b01ab6d6300000eb39a81b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W6dSPo7PGDlVU%2B3r9yoD8IUuO8g8dLnkYrv%2Fa79A4DUjH0zWy1Uj0S%2B2C4JZ%2BN5AodQ4cZMYWhW97nulf4jRAH0BIbs%2FxYCN9upSPxO7Vc95rTOTcn1Qw%2BkGOMZq8KS3G2rX7dE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 667c7b5bde880eb3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery-1.9.1.min.js Show response
modsbase.com/js/ 90 KB
32 KB 46ms
34ms Script
application/javascript 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/js/jquery-1.9.1.min.js
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

:path: /js/jquery-1.9.1.min.js
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7926832
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4100002c561a99f000000001
last-modified: Mon, 07 May 2018 10:48:13 GMT
server: cloudflare
etag: W/"5af02eed-169d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J10oQVLr2Z%2BZEhEfXelRN6rOA4GJGAIZsBP3yQZkPoAMXKCBriy76Pkjddyw%2FFa9OvxxdOo1m%2FwRm54NXeUXJ0eqoyVDeizV%2BYEUlxfGtYMfvfu6z7QvjyAFS0PL3g9o0DaZp2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 667c7b5d39762c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 bootstrap.css
modsbase.com/css/ 117 KB
18 KB 32ms
21ms Stylesheet
text/css 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/css/bootstrap.css
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f44d145cb024b0d87d79fbdfd2e1b16670895f0931b296da0f2ffe7b822b65

Request headers

:path: /css/bootstrap.css
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8628516
cf-polished: origSize=144181
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4000002c56fa9dd000000001
last-modified: Tue, 25 Apr 2017 07:02:34 GMT
server: cloudflare
etag: W/"58fef48a-23335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wu0Q6ItDwMSMa4r93XsGEl0Kb%2BgS79f%2BuwTfj0vEjv9tC28A0NtcBDrEexZI%2Bbk3E5a5WRg7q7hDs%2BgLBPzY9xCeL78aROpvMDQyPMYJNNurYgcIjKA4enTa11PMUbihILs%2BG0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 667c7b5d39732c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 33ms
15ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 8662682
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4700001f25063f1000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3033c5b7ea34684b20a8f4234fea378f
cf-ray: 667c7b5d3a691f25-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 23 KB
3 KB 39ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://modsbase.com
Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 6462911
cdn-cachedat: 2021-04-17 09:12:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4b00004eaad3bf7000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5cdfb689d5e887eff731a2005ba3473a
cf-ray: 667c7b5d48204eaa-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 30ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 8662534
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4600001f25ae0a1000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9f1136dc57a7605179530d5ffb85493
cf-ray: 667c7b5d3a671f25-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.1/css/ 45 KB
11 KB 28ms
11ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.1/css/all.css
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
last-modified: Tue, 17 Jul 2018 17:49:49 GMT
server: NetDNA-cache/2.2
etag: W/"597b70b2ce6b1483f72526c906918fe9"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.1.1/css/ 26 KB
5 KB 29ms
13ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
last-modified: Tue, 17 Jul 2018 17:49:51 GMT
server: NetDNA-cache/2.2
etag: W/"01727b5056f65c2ac938f5db4e552b10"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H3-29 200 style.css
modsbase.com/css/ 98 KB
16 KB 33ms
23ms Stylesheet
text/css 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/css/style.css?ver=1.20
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbeb6ad5733d22ac033f3461b94f6e890509bd1b7900e1a32c7bb26e2448acd2

Request headers

:path: /css/style.css?ver=1.20
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1885433
cf-polished: origSize=123919
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4000002c562d128000000001
last-modified: Wed, 09 Jun 2021 07:30:47 GMT
server: cloudflare
etag: W/"60c06e27-1e40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w192DzZwh46pPnkvUYD%2BSNgcs7Zwsq3F7GKgm7tW5iacZ3kt4K30NXywCh5UswwRTTk5F4wsMUb2ZDrBkWY7MmW0FvD36UKKeANfnSh4gYwy0lrUhYb27NaXKZEepo8S5hYSTvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 667c7b5d39752c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 responsive.css
modsbase.com/css/ 10 KB
3 KB 28ms
18ms Stylesheet
text/css 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/css/responsive.css
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7876e4cb18258d72fe4ffdc1f6d36c74723216841ac70261bdd308d125d5b34f

Request headers

:path: /css/responsive.css
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8628516
cf-polished: origSize=13340
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4100002c56be3e2000000001
last-modified: Fri, 23 Jun 2017 14:53:14 GMT
server: cloudflare
etag: W/"594d2b5a-341c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uaiAVOfMB9gUm2l42CVlQEEn3I5VDb6luIWEUXHSv5UXYCvzFc5auXmnmT%2FiVH4m%2Bt%2BWDAJP97vW6PJLVR8uuXzd3qjZ%2BBSGzwkxdUa2e7CLuZyq5OvRkDnvNyFYKokNOCie7Oc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 667c7b5d39772c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 jquery.paging.js Show response
modsbase.com/js/ 5 KB
2 KB 51ms
41ms Script
application/javascript 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/js/jquery.paging.js
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818

Request headers

:path: /js/jquery.paging.js
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8628516
cf-polished: origSize=19365
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4100002c56f0af4000000001
last-modified: Mon, 07 May 2018 10:48:18 GMT
server: cloudflare
etag: W/"5af02ef2-4ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F4E1oVkDamq4TOySRO3V5JIrrYxHdGDzONqmlc16CYNUPaTf81CATcVFr83CAuJS9uLPCfqOjrI7IX5Kd7OaZ%2B3j2kg5R%2BYhc0TytSK9mtoVSCIqjImjY%2FjtoL8ZT0b%2FcNY%2FRak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 667c7b5d397a2c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 jquery.cookie.js Show response
modsbase.com/js/ 2 KB
1 KB 27ms
17ms Script
application/javascript 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/js/jquery.cookie.js
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56

Request headers

:path: /js/jquery.cookie.js
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8628516
cf-polished: origSize=3121
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4100002c562f8fd000000001
last-modified: Mon, 07 May 2018 10:48:17 GMT
server: cloudflare
etag: W/"5af02ef1-c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zQjobbGWuz%2FdBVH2Y0bACNbH5scOz4ay5SSueNe67oQkCUKQCz50i0qbQoK%2BP%2F2aLDBxEhD9FhxOqaxOcDBGQTU9VzTaVOMAY3%2F1CH3Ya4ow8DUGrJYFqEYGz8eVOVtjPy2H1t0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 667c7b5d39782c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 paging.js Show response
modsbase.com/js/ 1 KB
1 KB 26ms
16ms Script
application/javascript 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/js/paging.js?r=1
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e

Request headers

:path: /js/paging.js?r=1
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2560861
cf-polished: origSize=1880
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e4100002c56f730b000000001
last-modified: Tue, 22 Oct 2019 10:59:11 GMT
server: cloudflare
etag: W/"5daee0ff-758"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kDHzuK7%2FBBzUp9H%2F5c7lNJakkfRjNGdjDlu2n6CXlQTOXsiBZ%2F1gapzOdH7qOdDo7BuAjPP0Rrt0JtH%2BnLp4hulalXZPres4vFb4KE%2B7rFvExXOnqopiAhBsM923OdIppbR8KLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 667c7b5d39792c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 api.js Show response
modsbase.com/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 10ms
9ms Script
text/javascript 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://modsbase.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4tqGutIjuom4m9lWwSduEQVlrQfs9cPZMqmJ89s1WJFRjWJvto71Tause1VbHtsVT6ebsw%2B2eehXQpXy%2FvFu2PuKuGau%2FslcXPqHzBBkvTlqJdwqZbbDzqaBUQMjwhXg8Y6HZ3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 667c7b5d99cc2c56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e8200002c56be3e4000000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48719
x-xss-protection: 0
server: cafe
etag: 7891261082821145910
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 03:17:32 GMT

GET
H/1.1 200
OK 17527 Show response
alignclamstram.com/1clkn/ 0
1 KB 72ms
20ms Script
application/javascript 172.255.6.145
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://alignclamstram.com/1clkn/17527

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.145 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:17:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 403 invoke.js
formerdrearybiopsy.com/cff75164e64d7487c6f799328caa68a1/ 0
0 305ms
109ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://formerdrearybiopsy.com/cff75164e64d7487c6f799328caa68a1/invoke.js
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Jul 2021 03:17:32 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-29 200 logo.png
modsbase.com/images/ 4 KB
5 KB 14ms
13ms Image
image/png 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modsbase.com/images/logo.png
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28062ed3141e99d1fdcd9379c993ca6ad788f3de5fc134886df05f905c7aa6e

Request headers

:path: /images/logo.png
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7742530
cf-polished: origSize=6339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4026
cf-request-id: 0b01ab6e8200002c561a9a2000000001
last-modified: Sat, 13 May 2017 08:32:13 GMT
server: cloudflare
etag: "5916c48d-18c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1wWDg63%2FFqmVUtIryknJCBZDOTyZoBABxg5hsqQpw7io2U9Gm5dyNFObrPjcxS9z4ck0kDD8IekK9iM%2B2%2FxMmxvNfat5cz2%2BmOQj8oE2AwUdCkdZ3570f9DVzr9L7axivG0O2U0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5d99cd2c56-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45540017-3

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f28bece9e74b47fc21bc94afcf0690ecfc7f76e50b335bc6c2fe371862a462e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36352
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jul 2021 03:17:32 GMT

GET
H3-29 200 functions.js Show response
modsbase.com/js/ 995 B
960 B 18ms
18ms Script
application/javascript 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/js/functions.js
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490f66126e3245052eafa9f696bdc3af295dacbb1cb006649bdb34b0ebd95e01

Request headers

:path: /js/functions.js
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7743945
cf-polished: origSize=1271
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6e6b00002c56d697d000000001
last-modified: Fri, 23 Jun 2017 14:25:37 GMT
server: cloudflare
etag: W/"594d24e1-4f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xvNIxCfYg7N7qE3AFQWRVBGqQ56%2Bk6noqXXVWeByWBELZ1ED1sBgQSA15PhjY0C%2F4n7auAfpqLobrXNP696%2FoqNe3WU7yQp4E0ixXJHey0jv7okYN7dg8lBchtQWyt0f73LHa4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 667c7b5d79b12c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookieinfo.min.js Show response
cookieinfoscript.com/js/ 7 KB
4 KB 42ms
14ms Script
application/x-javascript 2606:4700:3030::6815:2212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by: Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4009
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6FZAM1364E2BV84G
x-amz-id-2: +Uhlf5OUoVQ5xFl26ru3QJIN8Q2TaB/GZHt1NWs2sCynlXAyIfWOeCU/H17Ts5pLUVeqfjdmw+o=
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
server: cloudflare
etag: W/"d15d93068c1121f63008407d339bd819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WkFDaDvhin84rEXLthgc%2FAMFMDNFWXjoMHck%2BjLCDoRRWI%2FmQxbqo5fNBVBUpJ3WR44dbaKgIFZ1vmswXm20lylmviPnR2j6QPqfmzf34e9bwhv2UgCUfAYK86spdeb06xDR5KwNZbvB%2FEIbfqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=2678400
cf-request-id: 0b01ab6e8900001f31513bc000000001
cf-ray: 667c7b5da9bd1f31-FRA

GET
H3-29 200 grey-bg.png
modsbase.com/images/ 35 KB
35 KB 15ms
15ms Image
image/png 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modsbase.com/images/grey-bg.png
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 377139ab897585c447e16ce86cc623b313a9f4ecbccbae138ed4d68c8bf22573

Request headers

:path: /images/grey-bg.png
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7742530
cf-polished: origSize=55939
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35475
cf-request-id: 0b01ab6e8700002c56f0af6000000001
last-modified: Sun, 18 Jun 2017 10:43:42 GMT
server: cloudflare
etag: "5946595e-da83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q9f6nQ71MtMneP07Fi11YN0ix%2BASuUMw6PRN48QYWYgeHGiVP0MENVJ8TuLefz5lhldS%2BZBE9JtFdfyXxWLBv2aKAI2p%2FmrswhYblLkB0j99dbzeurglum5kM%2FxYcZlYzZj1yvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9d22c56-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 header-bg.png
modsbase.com/images/ 2 KB
3 KB 22ms
21ms Image
image/png 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modsbase.com/images/header-bg.png
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8c7b17982ee92d0972f9840a6800201b127c2b721abeb385eedbed9ac05e0d

Request headers

:path: /images/header-bg.png
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7742530
cf-polished: origSize=4333
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2383
cf-request-id: 0b01ab6e8700002c568b33d000000001
last-modified: Sat, 13 May 2017 08:59:10 GMT
server: cloudflare
etag: "5916cade-10ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F4QGMwhTS%2FsgwVOkNPLDdkX8ExNCq0Xqgc5H881C5VsHuU7P%2FRuky2fXm7TQMt1DTH8tfcONAzKSgpG5veAJ7PsphLhuQ2ciujrOi5v8tKppAQKkuWapZuMR2dbWhD4TG33BDhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9d42c56-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 nav-sep.png
modsbase.com/images/ 67 B
736 B 16ms
16ms Image
image/png 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modsbase.com/images/nav-sep.png
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647ec2f094730bc8f1ee6f0a8118492a01463a84c8f0b5638cdc14fdcb7a29b6

Request headers

:path: /images/nav-sep.png
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7742530
cf-polished: origSize=926
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 67
cf-request-id: 0b01ab6e8700002c56b49f6000000001
last-modified: Sat, 13 May 2017 10:09:20 GMT
server: cloudflare
etag: "5916db50-39e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FdgPbs0bCgz2iq2BSPxKtls8ALgC6xJzFzEhrhUrx9kyBHrZoTGkV6Bj4xv5KYfduaMxM7yhr6j5JfTCLZFhE5XVrjkayZqfF6%2FBVfQRbCZIVOtSpwx%2Fk1UDnVSlZTT55MAoJg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9d62c56-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 sprite.png
modsbase.com/images/ 11 KB
12 KB 17ms
16ms Image
image/png 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modsbase.com/images/sprite.png
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306c9cfae9d7383c6ffcb8167c0a23c2ce8a2785f2d0c9cebae65f4e29399033

Request headers

:path: /images/sprite.png
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6252316
cf-polished: origSize=15050
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11111
cf-request-id: 0b01ab6e8900002c56d930e000000001
last-modified: Sun, 14 May 2017 17:31:31 GMT
server: cloudflare
etag: "59189473-3aca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3Dz7Gp6iziKH0f2oujxlKFh4R34GSeCALe8Cem3ma7Gvp4Dr1vX5oJnNhJ03r41s4wAR2uKuAo9PjGV%2FTMfYoI9UEU66aLvdHW6%2FuU8SRWQJycwK6tonbdIf6y4Kvq7q0SoIKtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9d72c56-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 border-img.png
modsbase.com/images/ 69 B
743 B 16ms
15ms Image
image/png 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modsbase.com/images/border-img.png
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bd6842e71509a8d56f3f2b1e7824ae19ca291f3f604a482477c7dff248e09b

Request headers

:path: /images/border-img.png
pragma: no-cache
cookie: lang=english; aff=51277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6252316
cf-polished: origSize=927
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 69
cf-request-id: 0b01ab6e8900002c56b7861000000001
last-modified: Sat, 13 May 2017 08:39:46 GMT
server: cloudflare
etag: "5916c652-39f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8TXj%2FjZR8KKoFwJQq8ityLqHKH6OK5agWySQmCjYej0ViBM9EAF1hCE8xSu7WjZNLIrfNPYIuIqVMuzVNJnBu%2FvNtJtxNnJPp6N0%2FhEDWzDguMziQWDG%2F8MXS9u50hQFmHbh%2BtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9d82c56-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 gothamroundedmedium.woff2
modsbase.com/font/ 17 KB
18 KB 24ms
23ms Font
font/woff2 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/font/gothamroundedmedium.woff2
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8ca651bc37d9fb3e486b2e4e26b9a4cd0e853f9facfdd1c02f1ba321e52874

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=english; aff=51277
:path: /font/gothamroundedmedium.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://modsbase.com
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2557954
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17844
cf-request-id: 0b01ab6e8f00002c56d1822000000001
last-modified: Sat, 10 Apr 2021 06:54:36 GMT
server: cloudflare
etag: "60714bac-45b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=47k2VMG1qvc3A%2BIyV%2BHaUQJJiCMvp2nDxwmuAWWNumk68%2BPmPv%2Bhggw%2BHCULKXaaKcMTviwDkKw1r4%2BEz4GSZO21d%2Fqx%2FoSj8mCzqX9M5v5JM2cjJLRohEnsqXCaiinoYmDRnI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9da2c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 gothamroundedlight.woff2
modsbase.com/font/ 16 KB
16 KB 19ms
19ms Font
font/woff2 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/font/gothamroundedlight.woff2
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e062af40edc4d3683f80c4700d50854070e735034d6051e54d876fbc9308347

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=english; aff=51277
:path: /font/gothamroundedlight.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://modsbase.com
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2557954
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16076
cf-request-id: 0b01ab6e8900002c56b2008000000001
last-modified: Sat, 10 Apr 2021 06:54:33 GMT
server: cloudflare
etag: "60714ba9-3ecc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BCwQ8XEg0lmusxXAJjJnrvy4RYU5jzNPJIhH32xpy7zMRwBcFE9kCob3P1iztIwbHPlLaoAeCs9jKppIrsagVMrseBqJKrXrqxHC1%2B9vUyMzRcivgiAejuuB5T0ahMNpgeZY8CY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5da9db2c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 gothamroundedbold.woff2
modsbase.com/font/ 16 KB
17 KB 15ms
14ms Font
font/woff2 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/font/gothamroundedbold.woff2
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f52232a23dbfd1eaff392d17bf82ecb121f713347a9b2191e196b34c1e0ae1

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=english; aff=51277
:path: /font/gothamroundedbold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://modsbase.com
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2560163
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16568
cf-request-id: 0b01ab6eae00002c56d9310000000001
last-modified: Sat, 10 Apr 2021 06:54:28 GMT
server: cloudflare
etag: "60714ba4-40b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=21yfdGbeR7gTVE0gNFQzVg0LEescZu7AYemBHieLiOX%2BWR3MFdWfu5UkI%2F11v367OOqOdlP8iomMfFhvFo9ljsbu%2BawP74xL%2BvOmYwO2ybXLzD%2BBJ%2BnGGRLeBJEzy4Ws8TZ9Fmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5dea012c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 Calibri.woff
modsbase.com/font/ 653 KB
653 KB 35ms
34ms Font
font/woff 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/font/Calibri.woff
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce85c7a4bb9bf407756ee628c2454e631685f3b0bd2251a9a9110bb172fedb6

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=english; aff=51277
:path: /font/Calibri.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://modsbase.com
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8628516
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 668224
cf-request-id: 0b01ab6eae00002c56b7862000000001
last-modified: Tue, 23 May 2017 11:46:43 GMT
server: cloudflare
etag: "59242123-a3240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xbrH%2FZEzPr4zAKfvQK%2F1ANckA3EAPUJpphRpLD5UmRtbzKH%2BCEEUxYUQsesr5j7B9bUyM5aOv5v%2F%2BmwKCsliRD%2BFkOgHuqXPsBxnfI7rTjRmqvMcgVTlo592P%2FALcVDZsUPuBMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5dea022c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 Calibri-Bold.woff
modsbase.com/font/ 638 KB
639 KB 21ms
20ms Font
font/woff 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/font/Calibri-Bold.woff
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d648f543096c6fe62b3509842b77a20bd98e553f50c1c31a3091013fe74afbf9

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=english; aff=51277
:path: /font/Calibri-Bold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://modsbase.com
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6465423
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 653564
cf-request-id: 0b01ab6eae00002c56d1823000000001
last-modified: Tue, 23 May 2017 11:46:29 GMT
server: cloudflare
etag: "59242115-9f8fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9JGpEtoWWzGgaphjXt07hDROkrKOqVDQGPJsthMgxrk96iw%2BimyelIT8m6SgdV2CQh1Vjm6nBgfHwLu0I6xSA0PjCp49gXGG5HxnI6NYR%2BiTwzHhuxNKlowVxo4WESz5HoG4A0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5dea032c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 quicksandregular.woff2
modsbase.com/font/ 41 KB
41 KB 14ms
13ms Font
font/woff2 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/font/quicksandregular.woff2
Requested by: Host: modsbase.com
URL: https://modsbase.com/css/style.css?ver=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e50db63d439620e4619eb419c7aa7e798201b9694ed677d353d6613493fc08

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=english; aff=51277
:path: /font/quicksandregular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/css/style.css?ver=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://modsbase.com
Referer: https://modsbase.com/css/style.css?ver=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2557672
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 41836
cf-request-id: 0b01ab6eae00002c56b2009000000001
last-modified: Sat, 10 Apr 2021 06:54:42 GMT
server: cloudflare
etag: "60714bb2-a36c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CEAVZ6rG9DT6hnnnWsb%2BXBJj7ROmwz2IvOaXZXdIrscqWvBqKlZGV2WwkxuX06Em1Iq5FtQ2acFD6rIgTVXS42IzUD5A7X76gfr32i8TR4%2FDT5QYiefxf7fGDm223ryutMI1FRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 667c7b5dea042c56-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/ 240 KB
89 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9639394965031604&plah=modsbase.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91162
x-xss-protection: 0
server: cafe
etag: 13729711335453486071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 03:17:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/ Frame 93CF 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210628/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 30 Jun 2021 19:14:00 GMT
expires: Wed, 14 Jul 2021 19:14:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 29012
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45540017-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5844
date: Thu, 01 Jul 2021 01:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 01 Jul 2021 03:40:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
657 B 38ms
16ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=modsbase.com&callback=_gfp_s_&client=ca-pub-9639394965031604

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9639394965031604&plah=modsbase.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3e63414f5c207662083411c0af2a163aa09e061934213f66db8a056654449c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=modsbase.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=modsbase.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B71A 69 KB
23 KB 386ms
385ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f2f51de33e7e962b9248ae11bd3d3d83ffaef15b8ce30c683b221335740488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 03:17:33 GMT
server: cafe
content-length: 23835
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 03:32:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:33 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:17:32 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-9639394965031604&c=18&n=0&t=0&w=201&x=2

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 result Show response
modsbase.com/cdn-cgi/bm/cv/ 0
759 B 9ms
9ms XHR
text/plain 2606:4700:20::681a:74f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://modsbase.com/cdn-cgi/bm/cv/result?req_id=667c7b5bde880eb3
Requested by: Host: modsbase.com
URL: https://modsbase.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://modsbase.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: lang=english; aff=51277
content-length: 488
:path: /cdn-cgi/bm/cv/result?req_id=667c7b5bde880eb3
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: modsbase.com
referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Jul 2021 03:17:32 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vhd22mufC7THItEdCaamz9URf4ilFRyPObc8Q%2BCG6clzk28VG7SvCJDTZAcm1ofAW0GFn7bWaTZzyXhbWN5jLtpIGc6VyCc29%2BlihUWrT0PbyMAxLQ7FLTjFiJPPdI3eRXosmyo%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=78d2e4705bcd28586c2cdd147128267d49b8342e-1625109452-1800-AbThrfWwMAgzgWaw1fJtAW6SUn1pX5NbzR6w1YIJ2i+S3Suwa2kFdV6+zm4cZyLogZ2oNVVgAiANvO04WQNONGJtbp6n5EdbUMeFiiUAQaDdrHQf1VXCpbVXfCzjpS24EDuyY/z6ytp+BqEJZ2VfF5Y=; path=/; expires=Thu, 01-Jul-21 03:47:32 GMT; domain=.modsbase.com; HttpOnly; Secure; SameSite=None
cf-ray: 667c7b5f2b312c56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b01ab6f7800002c56bf24c000000001

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5D0 106 KB
33 KB 519ms
519ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9326749db8d760ec1903cd3111cdb209e6eb8bc42c6845445ad6a9af5346cac7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COiBmL30wPECFZCGewodY8kEdg&gqi=zDPdYOugKZTJgQeN3ISICg&layout=/sadbundle/%24csp%253Der3%24/2687993016731411593/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COiBmL30wPECFZCGewodY8kEdg&gqi=zDPdYOugKZTJgQeN3ISICg&layout=/sadbundle/%24csp%253Der3%24/2687993016731411593/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 03:17:33 GMT
server: cafe
content-length: 33845
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 03:32:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:33 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1672121175&t=pageview&_s=1&dl=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&ul=en-us&de=UTF-8&dt=Download%20Hydrangea%20Chainsaw%20Kawaii%20Stuff%20zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1813328016&gjid=1037794585&cid=1437302870.1625109453&tid=UA-45540017-3&_gid=1396260906.1625109453&_r=1&gtm=2ou6n0&z=1285718568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://modsbase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 890C 106 KB
33 KB 268ms
268ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3efe5482f1c20a2d3a6f3b60a1e61a60a9c3425880d9a4f453c452eab8bc8c6f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL38mL30wPECFdWjewodYyoG9w&gqi=zDPdYPevKt3Cx_AP4qS-0A4&layout=/sadbundle/%24csp%253Der3%24/2830603253714275984/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL38mL30wPECFdWjewodYyoG9w&gqi=zDPdYPevKt3Cx_AP4qS-0A4&layout=/sadbundle/%24csp%253Der3%24/2830603253714275984/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 03:17:32 GMT
server: cafe
content-length: 33731
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 03:32:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:32 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&tn=DIV&cls=cookieinfo&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9298 0
19 B 68ms
67ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&adk=1812271804&adf=3025194257&lmt=1625109452&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452517&bpp=1&bdt=179&idt=182&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280%2C350x300&nras=1&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=187

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9639394965031604&output=html&adk=1812271804&adf=3025194257&lmt=1625109452&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452517&bpp=1&bdt=179&idt=182&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280%2C350x300&nras=1&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=187
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 03:32:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:32 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-45540017-3&cid=1437302870.1625109453&jid=1813328016&gjid=1037794585&_gid=1396260906.1625109453&_u=YAhAAUAAAAAAAC~&z=1894786114

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Jul 2021 03:17:32 GMT
content-type: text/plain
access-control-allow-origin: https://modsbase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/ Frame 3EBA 2 KB
2 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f05e2e99c93b8c2575012f2dc577a971eec001e80901e255041ccef44c316d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2830603253714275984/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 830
date: Wed, 30 Jun 2021 09:47:03 GMT
expires: Thu, 30 Jun 2022 09:47:03 GMT
last-modified: Tue, 26 Jan 2021 06:46:40 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 63029
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 781F 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2ryWzDPdYL3mKtXH7gPj1Ji4D5uIjMJgt7CerYwNy5iSzKQfEAEgmMSpKmCVAqAB2pH3oALIAQmpAssNU0MM5bM-qAMByANIqgT0AU_Qjg_PBHE72G88O6145sdh_UmTIlRuIXHiQ1nc6r6mmqSuSTFd7PV3Td4x5Th_M6NCyiu3TFDMsmMGybsDaMi8rImZWXL3feB3dQDBn1LO4X2uNI1U2nGU-x6Fpyv9mBxYyIHSYBb4PwA1eVcdTkXGTZhGnIykeC_0qaj3TByGqjrftHYoy_AqCyvLQIz0_-vQYthnccXwE-3n31q_OnvNiNvGcfMK98ctWpvQuF2tTvWvtcLy3zbcBLudMRa4Hf-XUXzymy1qfWR8FISEARV99c9lxcXk0B23Ujvju4Gk2cEzqPTA3vsOMXOFdVuCW61PJVnABJ-wpIumA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeO7ojfAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDy1wTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItOTYzOTM5NDk2NTAzMTYwNA&sigh=P23CzjM_RWw&template_id=419

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Jul 2021 03:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:17:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 781F 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 02:54:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 781F 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 03:12:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 781F 125 KB
38 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:17:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 781F 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 02:55:27 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD12 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=300&slotname=7062086271&adk=3848599848&adf=218319140&pi=t.ma~as.7062086271&w=350&lmt=1625109452&psa=0&format=350x300&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452507&bpp=1&bdt=170&idt=175&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250%2C340x280&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=797&ady=773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cAEjXk2s8q&p=https%3A//modsbase.com&dtd=178

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 01 Jul 2021 03:09:03 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3EBA 9 KB
3 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Jul 2021 16:31:23 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3EBA 26 KB
10 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Jul 2021 20:19:58 GMT

GET
H3-29 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/ Frame 3EBA 3 KB
914 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d23ba3941d8fa844c507293f463277f626b33d9de5cc0bb50dd71e5186026c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 71793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 06:46:40 GMT
server: sffe
date: Wed, 30 Jun 2021 07:21:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 07:21:00 GMT

GET
H3-29 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/js/ Frame 3EBA 3 KB
598 B 17ms
16ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9709c5f4db86b7a328c49a2a42d77a3da3ec9e55d404311df22c413cac63f2aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 101975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 570
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 06:46:40 GMT
server: sffe
date: Tue, 29 Jun 2021 22:57:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 22:57:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B71A 3 KB
674 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 01:39:33 GMT
server: ESF
date: Thu, 01 Jul 2021 03:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jul 2021 03:17:33 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame B71A 1 KB
909 B 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 01:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 01:25:32 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame B71A 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 02:54:19 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame B71A 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 03:12:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B71A 125 KB
38 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:17:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame B71A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 02:55:27 GMT

GET
H2 200 3a5e94886a53c84cf1384eecbc513cea.js Show response
www.gstatic.com/mysidia/ Frame B71A 25 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3a5e94886a53c84cf1384eecbc513cea.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

646ccb2bc6d5f34ef2196899f1cc72b43cc0df424b166f9cc93c58112c9377bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 18:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10696
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 22:35:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Sep 2021 18:36:46 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B71A 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb1KSzDPdYJ69J43sgAfKv62AD8XUm8xiv4G2uZUK_p7Yr5gWEAEgmMSpKmCVAqAByLGpzQPIAQGoAwHIA8sEqgTsAU_Qb7r-tVvCAk8Sf7WO3wy5TRKaRCeC3hf1JCSuqrkwykPqZxck52eZAKRdPBcgTGQGGXLL8gIURzwBd9CRcdVcg9vbiTRgA5E2BWuMB3R4aHu-p_J5VIJ6UWzeMqUaOW7xzHajJyo1cl3t4m6mO62D2Oc4Lj6gcWluI4kuUKWf6vpfv_dm90BZI31-9mGzdM-Xd3FtP6k9aDWPeLGZLyewEiSgipAl_PGobF5HL1nue7y_3tfh5NDY6vFh-mG8Ttjaphn6oI6YJXTTpy3skgXO2wTHqYBTiPv3AY1p1DN2qWwS5qofWq0Jb1qIwATzns65jAKSBQQIBBgBkgUECAUYBIAH5OriNagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDVghPSCAkIgOGAEBABGB-ACgHICwHYEwyIFAzQFQGAFwGyFxoKGAgAEhRwdWItOTYzOTM5NDk2NTAzMTYwNA&sigh=CZRAW7TuxY0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Jul 2021 03:17:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 781F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44eb67547f05836604d9040f08138409fbd37ee75daa8837bcc36d0d86ef84e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD12
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Jul-2021 04:17:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/img/ Frame 3EBA 16 KB
16 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/img/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fc39b3f2ab6acd5709ed2f4c12302b5f0feb3744f50f37b4633a7bf8ccaaee6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 105225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16586
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 06:46:40 GMT
server: sffe
date: Tue, 29 Jun 2021 22:03:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 22:03:48 GMT

GET
H3-29 200 bg_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/img/ Frame 3EBA 7 KB
7 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/img/bg_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f586c1649e68c942f17f8090f3ccb8e9fbe013982d128c4d985431658a71a738

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7490
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 06:46:40 GMT
server: sffe
date: Wed, 30 Jun 2021 12:15:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 12:15:47 GMT

GET
H3-29 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/img/ Frame 3EBA 23 KB
23 KB 8ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d565fe846127ef85d84fa4cbfe7c02f78b91d09a4d2e409cc72d1c02edeedaa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 94419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23719
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 06:46:40 GMT
server: sffe
date: Wed, 30 Jun 2021 01:03:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 01:03:54 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FCC 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=250&slotname=6103201163&adk=1063956442&adf=3861317702&pi=t.ma~as.6103201163&w=1000&lmt=1625109452&psa=0&format=1000x250&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452503&bpp=3&bdt=165&idt=97&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=7048803707815&frm=20&pv=2&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XS5VoLXL5b&p=https%3A//modsbase.com&dtd=117

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 01 Jul 2021 03:09:03 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B71A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0fb902fcd00ccc6e331c391c15b3d4b809817e87883a39222e2053f02496b06

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B71A 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 12:14:46 GMT
x-content-type-options: nosniff
age: 54167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 12:14:46 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B71A 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 08:25:33 GMT
x-content-type-options: nosniff
age: 67920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 08:25:33 GMT

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EBA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 06:12:04 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FCC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Jul-2021 04:17:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0162 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 06:12:04 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=218319140&client=ca-pub-9639394965031604&eid=42530671%2C44744441&et=1&io=0&saldr=aa&oa=0.00&qid=CL38mL30wPECFdWjewodYyoG9w&roa=0&slot=7062086271&sp=0%2C0&tgt=ins%2Faswift_2_expand.0&tr=797%2C773%2C1147%2C1073&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&vp=1600x1200

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=3861317702&client=ca-pub-9639394965031604&eid=42530671%2C44744441&et=1&io=0&saldr=aa&oa=0.00&qid=CJ7Tlb30wPECFQ024Aodyl8L8A&roa=0&slot=6103201163&sp=0%2C0&tgt=ins%2Faswift_0_expand.0&tr=300%2C305%2C1300%2C555&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&vp=1600x1200

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/ Frame 8D1D 2 KB
838 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2032de7722b0edb895002fa3993e6334ea3d0ead7b01d989e031b29750fa9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2687993016731411593/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 808
date: Thu, 01 Jul 2021 01:55:02 GMT
expires: Fri, 01 Jul 2022 01:55:02 GMT
last-modified: Mon, 07 Dec 2020 09:52:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 4951
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F754 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1wvLzDPdYOjrKZCN7gPjkpOwB5uIjMJgk7z6h_gM65mSzKQfEAEgmMSpKmCVAqAB2pH3oALIAQmpAgAbfZJZ5bM-qAMByANIqgTuAU_QQnJ988C_iIwkI7-YkLP3d_PN1VTq_DcaIjZckO_ODrVp_M1LK0qXr6zQI6HTr7AfVw9flcvFJ06yNiwvgzBIiTeDwMjnzxUxf1HY5_Ydat9s8f8VsiVVzXf1ou2c2a9q-J42UILmjSlrOzG1CvrpmQByu5cZWhIGOBjBFYMKXyBBRsdKLShl976LOi8wdWERPm45_W4-jwGUWfjr2RANeIzun2jO4bHJ_f8kbARhy_CBqazKAdf3bzbEJTc-5bn5D-cQgETzJX0hZl7AlVKijWM8rD0dHXB8HSZr3JyxhR5mX2FxGLtmuJgxAUjABJ-wpIumA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeO7ojfAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCH0ATSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItOTYzOTM5NDk2NTAzMTYwNA&sigh=CbLDMaC_BoI&template_id=419

Requested by

Host: modsbase.com
URL: https://modsbase.com/3pplqw9uasz1/HydrangeaChainsaw_-_Kawaii_Stuff.zip.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Jul 2021 03:17:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame F754 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 02:54:19 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame F754 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 03:12:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F754 125 KB
38 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:17:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame F754 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 02:55:27 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2859 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9639394965031604&output=html&h=280&slotname=6666441620&adk=2086385075&adf=2822485326&pi=t.ma~as.6666441620&w=340&lmt=1625109452&psa=0&format=340x280&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625109452506&bpp=1&bdt=169&idt=157&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x250&correlator=7048803707815&frm=20&pv=1&ga_vid=1437302870.1625109453&ga_sid=1625109453&ga_hid=1672121175&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=453&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744441&oid=3&pvsid=2197846977174821&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9NTixIjs16&p=https%3A//modsbase.com&dtd=160

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 01 Jul 2021 03:09:03 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8D1D 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Jul 2021 16:31:23 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8D1D 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Jul 2021 20:19:58 GMT

GET
H3-29 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/css/ Frame 8D1D 2 KB
822 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

548634a357f48700300256d2b1de7dd0a881ada55b2d11d76887941b3d169fe7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 6826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 791
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 09:52:47 GMT
server: sffe
date: Thu, 01 Jul 2021 01:23:47 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 01:23:47 GMT

GET
H3-29 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/js/ Frame 8D1D 2 KB
522 B 8ms
7ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3a0fda77978ae94c815b3ccc76280980037c0d754b55c0658f52aa8e6afd06

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 82229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 488
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 09:52:47 GMT
server: sffe
date: Wed, 30 Jun 2021 04:27:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 04:27:04 GMT

GET
DATA 200
OK truncated
/ Frame F754 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aec51a200e7bd8b0bbbb25438d01118b76154dc11f6e946f8f7090e2ce18252

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/img/ Frame 8D1D 31 KB
31 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/img/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f836d0d6a3984a14260c49b7e03cf62b6d8ecb6d2c4a34e5114d0939498e31c8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 105225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31817
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 09:52:47 GMT
server: sffe
date: Tue, 29 Jun 2021 22:03:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 22:03:48 GMT

GET
H3-29 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/img/ Frame 8D1D 13 KB
13 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57797acd3ae5db292dc95ced0a2193a8dae57dd750ec62fe18466246e817c15

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 80271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13595
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 09:52:47 GMT
server: sffe
date: Wed, 30 Jun 2021 04:59:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 04:59:42 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2859
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Jul-2021 04:17:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 03:17:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 03:17:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D1D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 06:12:04 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210628&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89c41db9a0b75838a0dc8f050ec1ddbb978ee005ac9eb4197ae6e4c803ba49c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 03:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=2822485326&client=ca-pub-9639394965031604&eid=42530671%2C44744441&et=1&io=0&saldr=aa&oa=0.00&qid=COiBmL30wPECFZCGewodY8kEdg&roa=0&slot=6666441620&sp=0%2C0&tgt=ins%2Faswift_1_expand.0&tr=453%2C793%2C793%2C1073&url=https%3A%2F%2Fmodsbase.com%2F3pplqw9uasz1%2FHydrangeaChainsaw_-_Kawaii_Stuff.zip.html&vp=1600x1200

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:17:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A096 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 30 Jun 2021 22:13:12 GMT
expires: Thu, 30 Jun 2022 22:13:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B729 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77011657902da7b65bc5ca0539980423d65c4b5833aa70f99e4e12a7d022482b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4BFtokKSzRIuKF4/ngDHcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://modsbase.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://modsbase.com/

Response headers

expires: Thu, 01 Jul 2021 03:17:33 GMT
date: Thu, 01 Jul 2021 03:17:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4BFtokKSzRIuKF4/ngDHcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame A096 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 06:12:04 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210628&jk=2197846977174821&bg=!4OOl46fNAAYo4NJEKOA7ACkAdvg8WlAGGpQOpNGbpR7BDKCIy7w2e7oMTDXNN7SbTaq7r6ozRwC6SgIAAABWUgAAAApoAQcKAPaKq_aRp1QXbrMQ9ZfVwLp0p2BsDQlmdfXD_NrSD5fOpKuYEzqoLjkbIyaaikVD9oS0MU_H8SQX3-gTF-huJbmPDMnjSPQ-3ZeioUg4mHgxaHp5DNSgAKG2B-ZWbXqpxLWKpU2Xr2KrDOu8N8-9smVTmyFBVe6Fm8DSP4TZlNtuhjP1NMJOthS-LuIHFACRche9R5MgaeU-TzI6cN6vhhcB4O2RcBP34oCXHKDWSiLcR6aRYE-9WRlt9USh1IRC84roTNJ3AGUxApfYVmRKA8UGX_yKGQ-yzIocokonXyplV0Nq3dLIoWWcIf5vYbb182tYf7AIj2mZAmkmhWYL31kLirgvg81hHhl41ECigg35kq737ieuAfoZTAoPKwEGmeu6h-FhWvuQLHqsZ4AUY3bHB3gVFTOJzws3FIThZrO90QqhhPxKe5pkuIgxnPQXGVetcMWkOadjTiyQ145mLf7x9d-BqLDsQRSE0zcVUpF7CMTHC4tJ6Z-lAJ3HMrn_UatxP8xkmThNqZEV2yhVcNsNnzuKA0zjLxkq-KHvhqUlByYXuo81g4MWEytuok0La1W2mkxH4t068MMm6XXfQ9QuDtWD9at0ry5A69Rsm0BhWlrnnVFGXfv7uVCzqkJYXOqjv42-4lXkRN7QJMgeaho2HwCYP_0g6VrZ-M9D0mEQQZr91HV7urpYSuCILf05obJ04vx_E-mDSbr0ZYKV18l7Zoz7Pe4pQHovKPRX1W5fj1eXJ7fvPihgzU-Ijk_ydQN2gZqrtMXy32iKUhJiMZgo7mwxAYryjJWf3Rgdffb_-ycn9C6Nq2n-062tZeldqfogNGf_CoDmgz_Ar2OBm5hVZISNlc7Fzj57_vzRqLyiyAoBfYkLNv9k4S2XD-LwBFFeFCK_flHsW463Hj_AYPKOFABBddXV3xwEwTZVe_gD-6ecPVjDzNLAKZtCTMkW06S8SgPj2lsdpyTWray-PEvDTS4RIUrhc7BjxWG1blynJuHav_go4ZlvydG7l-Od6KAW4mieM_Ik_oNQu1G5MkIxpu-hbqnHNbIt3l5ppo1628Mnhc-0sjWXJMjb35Gwq1MLWdqbYu33PtpJLGGBuMQrTPfbR5ulwp4GqFyKwLWzwyt2q69J3ExtiJWcZ9AmXYg2cQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://modsbase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 781F 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3vvSk8oTR44j0M94jibtsOYvXouljCarzRm0lzVRWn7HIS-mm_e9Bsto0jQCmc6cPVQJmy8fgERlMCZa7LIhaDiDTOsHBTofl1XH-t0s9so_mtomuUsIiEJ4qFg&sai=AMfl-YRXuutcMhlzUpDOAPmOUJ-9j5nHTlkoeFtKgxf1YacteanBdQqCVoJTQDCynePd-2_fRJPQDeVu-OSF&sig=Cg0ArKJSzL83rhrRuTWHEAE&id=lidar2&mcvt=1000&p=773,797,1065,1147&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3848599848&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625109452686&dlt=275&rpt=59&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B71A 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstImMwZnlu2rwEEfoUFkF-sdFy5JvvX9eQqcQziA6XMcqGmwzaq7AfEL1chwNjQJYHchcyOLx58KdRh77zPw9f1xRO3fiATwFvwgnyZzO7D3aaott3bqUPJkSFqmw&sai=AMfl-YSax4RYbPlBVRCmAlFJaiD-6mYVEO_X19PEFp0ma3F5H2oPRAtBj17XQ2slk68EqTGrwTJLEW4A5zwD&sig=Cg0ArKJSzBFLA0kTt9vBEAE&id=lidar2&mcvt=1000&p=305,300,555,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1063956442&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625109452623&dlt=390&rpt=126&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F754 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-InfW3P4HMSe4K0yc7nCVY70Fnbf_9uoRKVdf4lJqZ_9LA6CwXZ6y8y7WuETdXzzYMJ1hOkuStX9dbY0bP4VI-Wc8bYREfIcb9SoWvOG0zMqPss8oeZKzKQf9_A&sai=AMfl-YRoh7QfNmHjXNeckboNAyZuuussmeOpDLsaLoV7gxWQVqCAGZIL_u2wtKUL4URt-vpZ_roaSsZ0U6OG&sig=Cg0ArKJSzEwwfUMVMmTNEAE&id=lidar2&mcvt=1000&p=793,453,1073,789&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2086385075&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625109452668&dlt=637&rpt=72&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:25:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:46:45	Name: IDE Value: AHWqTUlhXDtVP_h7BWvYK7LeXi3wtdT-UkxVKmD74qvQGlZRFm7Eriabd9NUlvzfPDI
.modsbase.com/	1970-01-20 04:46:45	Name: __gads Value: ID=a105ec982bd4e5fd-2263d23a47c9009b:T=1625109452:RT=1625109452:S=ALNI_Mbx9LqgLYPkDhbTeqPpB52lIoClng
.modsbase.com/	1970-01-19 19:25:11	Name: __cf_bm Value: 78d2e4705bcd28586c2cdd147128267d49b8342e-1625109452-1800-AbThrfWwMAgzgWaw1fJtAW6SUn1pX5NbzR6w1YIJ2i+S3Suwa2kFdV6+zm4cZyLogZ2oNVVgAiANvO04WQNONGJtbp6n5EdbUMeFiiUAQaDdrHQf1VXCpbVXfCzjpS24EDuyY/z6ytp+BqEJZ2VfF5Y=
.modsbase.com/	1970-01-19 19:26:35	Name: _gid Value: GA1.2.1396260906.1625109453
.modsbase.com/	1970-01-19 19:45:19	Name: aff Value: 51277
.doubleclick.net/	1970-01-19 19:25:10	Name: test_cookie Value: CheckForPermission
.modsbase.com/	1970-01-19 19:25:09	Name: _gat_gtag_UA_45540017_3 Value: 1
.modsbase.com/	1970-01-20 12:56:21	Name: _ga Value: GA1.2.1437302870.1625109453
.modsbase.com/	1969-12-31 23:59:59	Name: lang Value: english

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2830603253714275984/js/script.js(Line 77) Message: 23500
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687993016731411593/js/script.js(Line 48) Message: 15000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
alignclamstram.com
cookieinfoscript.com
fonts.googleapis.com
fonts.gstatic.com
formerdrearybiopsy.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
modsbase.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
172.255.6.145
192.243.59.12
216.58.212.162
23.111.9.35
2606:4700:20::681a:74f
2606:4700:3030::6815:2212
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f
0c8c7b17982ee92d0972f9840a6800201b127c2b721abeb385eedbed9ac05e0d
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
11f52232a23dbfd1eaff392d17bf82ecb121f713347a9b2191e196b34c1e0ae1
1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aec51a200e7bd8b0bbbb25438d01118b76154dc11f6e946f8f7090e2ce18252
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1fc39b3f2ab6acd5709ed2f4c12302b5f0feb3744f50f37b4633a7bf8ccaaee6
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
23bd6842e71509a8d56f3f2b1e7824ae19ca291f3f604a482477c7dff248e09b
250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2ce85c7a4bb9bf407756ee628c2454e631685f3b0bd2251a9a9110bb172fedb6
2f28bece9e74b47fc21bc94afcf0690ecfc7f76e50b335bc6c2fe371862a462e
306c9cfae9d7383c6ffcb8167c0a23c2ce8a2785f2d0c9cebae65f4e29399033
377139ab897585c447e16ce86cc623b313a9f4ecbccbae138ed4d68c8bf22573
3e63414f5c207662083411c0af2a163aa09e061934213f66db8a056654449c00
3efe5482f1c20a2d3a6f3b60a1e61a60a9c3425880d9a4f453c452eab8bc8c6f
3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818
490f66126e3245052eafa9f696bdc3af295dacbb1cb006649bdb34b0ebd95e01
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548634a357f48700300256d2b1de7dd0a881ada55b2d11d76887941b3d169fe7
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
646ccb2bc6d5f34ef2196899f1cc72b43cc0df424b166f9cc93c58112c9377bf
647ec2f094730bc8f1ee6f0a8118492a01463a84c8f0b5638cdc14fdcb7a29b6
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
69e50db63d439620e4619eb419c7aa7e798201b9694ed677d353d6613493fc08
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8ca651bc37d9fb3e486b2e4e26b9a4cd0e853f9facfdd1c02f1ba321e52874
6c4150da9efaa6c36e9e80dd100b386def593ff54298916592ea13b842d10c76
6d565fe846127ef85d84fa4cbfe7c02f78b91d09a4d2e409cc72d1c02edeedaa
6f05e2e99c93b8c2575012f2dc577a971eec001e80901e255041ccef44c316d7
6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
77011657902da7b65bc5ca0539980423d65c4b5833aa70f99e4e12a7d022482b
7876e4cb18258d72fe4ffdc1f6d36c74723216841ac70261bdd308d125d5b34f
7e062af40edc4d3683f80c4700d50854070e735034d6051e54d876fbc9308347
89c41db9a0b75838a0dc8f050ec1ddbb978ee005ac9eb4197ae6e4c803ba49c2
9326749db8d760ec1903cd3111cdb209e6eb8bc42c6845445ad6a9af5346cac7
9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda
9709c5f4db86b7a328c49a2a42d77a3da3ec9e55d404311df22c413cac63f2aa
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a0fb902fcd00ccc6e331c391c15b3d4b809817e87883a39222e2053f02496b06
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d23ba3941d8fa844c507293f463277f626b33d9de5cc0bb50dd71e5186026c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6f2f51de33e7e962b9248ae11bd3d3d83ffaef15b8ce30c683b221335740488
ad2032de7722b0edb895002fa3993e6334ea3d0ead7b01d989e031b29750fa9e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d0f44d145cb024b0d87d79fbdfd2e1b16670895f0931b296da0f2ffe7b822b65
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d44eb67547f05836604d9040f08138409fbd37ee75daa8837bcc36d0d86ef84e
d648f543096c6fe62b3509842b77a20bd98e553f50c1c31a3091013fe74afbf9
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463
dbeb6ad5733d22ac033f3461b94f6e890509bd1b7900e1a32c7bb26e2448acd2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042
e28062ed3141e99d1fdcd9379c993ca6ad788f3de5fc134886df05f905c7aa6e
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f57797acd3ae5db292dc95ced0a2193a8dae57dd750ec62fe18466246e817c15
f586c1649e68c942f17f8090f3ccb8e9fbe013982d128c4d985431658a71a738
f836d0d6a3984a14260c49b7e03cf62b6d8ecb6d2c4a34e5114d0939498e31c8
fa3a0fda77978ae94c815b3ccc76280980037c0d754b55c0658f52aa8e6afd06

modsbase.com Open in urlscan Pro 2606:4700:20::681a:74f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

83 %IPv6

16 Domains

20 Subdomains

24 IPs

4 Countries

2263 kBTransfer

3663 kBSize

10 Cookies

1 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

modsbase.com Open in urlscan Pro
2606:4700:20::681a:74f Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

20
Subdomains

24
IPs

4
Countries

2263 kB
Transfer

3663 kB
Size

10
Cookies

104 HTTP transactions
4 data transactions