ipsw.me Open in urlscan Pro
104.26.9.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ipsw.me/
Effective URL:
https://ipsw.me/
Submission: On September 21 via manual (September 21st 2023, 12:52:15 pm UTC) from CA — Scanned from CA

Summary HTTP 110 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 110 HTTP transactions. The main IP is 104.26.9.156, located in and belongs to CLOUDFLARENET, US. The main domain is ipsw.me. The Cisco Umbrella rank of the primary domain is 443007.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 5th 2023. Valid for: a year.

This is the only time ipsw.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.26.8.156 104.26.8.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.26.9.156 104.26.9.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1	104.16.57.101 104.16.57.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.253.122.97 172.253.122.97	15169 (GOOGLE) (GOOGLE)
3 13	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
2	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
1	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
3	172.253.115.113 172.253.115.113	15169 (GOOGLE) (GOOGLE)
1	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
1	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
7	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
4	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
22	142.251.16.132 142.251.16.132	15169 (GOOGLE) (GOOGLE)
4	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
3	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
2 3	142.251.163.103 142.251.163.103	15169 (GOOGLE) (GOOGLE)
14	172.253.115.138 172.253.115.138	15169 (GOOGLE) (GOOGLE)
110	18

1 104.26.8.156 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ipsw.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.9.156 (None, )

ASN13335 (CLOUDFLARENET, US)

ipsw.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.16.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f113.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.103 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.253.115.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f138.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	488 KB
20	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 270 www.google.com — Cisco Umbrella Rank: 11 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673	65 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	164 KB
13	ipsw.me 1 redirects ipsw.me — Cisco Umbrella Rank: 443007	333 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	120 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	601 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	228 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	155 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8716	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1476	7 KB
110	12

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	ipsw.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	ipsw.me	1 redirects ipsw.me static.cloudflareinsights.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	www.googleadservices.com	ipsw.me googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	ipsw.me www.googletagmanager.com
1	www.google.ca	ipsw.me
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	ipsw.me
110	18

This site contains links to these domains. Also see Links.

Domain
mas.to
telegram.me
reddit.com
twitter.com
ipswdownloads.docs.apiary.io
github.com
www.paypal.me
emperorservers.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://ipsw.me/
Frame ID: 9284372C3FF53E2FB369639B694BED68
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: 105A1A54728530514CE8E2AF86383856
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&adk=1812271804&adf=3025194257&lmt=1695325930&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fipsw.me%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730580&bpp=5&bdt=187&idt=162&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4966623535216&frm=20&pv=2&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=181
Frame ID: 21D641A8095CADF4A2402A5DAF04C9FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189
Frame ID: 5A25B149E77A0AE1FA530393BFBE6741
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=1706824535&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730587&bpp=1&bdt=193&idt=191&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gaTIMQQw7H&p=https%3A//ipsw.me&dtd=193
Frame ID: 24F06866351D7DA90C3B7DCEC85A7A2F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 31D72535ECC1E6AC77FDA86A8D6765BA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 819BF192FD0055374120BC6B223E8BF1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 943EA59D6D8BE3C40751C480013551EA
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: 1562A6E4335B06FBCD22C5CED8587B26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E580ED13F90AC95961F6730B50BA2CA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: 17CDFB20D07A2C3B527FC0D5E048186D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: A6A4E64FB6B0F2617C2D3A351210CD34
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: D3641D36DF29C0649087F795D049FBB9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: 0030D4D8A0D3C7776EC27094EDE60485
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08D537953A8525789939C0343423E99E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75368E2DCBDB78563187C184092E0566
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download iOS Firmware for iPhone, iPad, iPod Touch, Apple Watch, Apple TV and HomePod / IPSW Downloads

Page URL History Show full URLs

http://ipsw.me/ HTTP 301
https://ipsw.me/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

110
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

18
IPs

2
Countries

1584 kB
Transfer

4248 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://mas.to/@iOSReleases
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://telegram.me/iOSupdates
Title: Telegram Bot

Search URL Search Domain Scan URL

URL: https://reddit.com/r/jailbreak
Title: r/jailbreak

Search URL Search Domain Scan URL

URL: https://twitter.com/iOSReleases
Title: Twitter

Search URL Search Domain Scan URL

URL: https://ipswdownloads.docs.apiary.io/
Title: IPSW Downloads API

Search URL Search Domain Scan URL

URL: https://github.com/cj123
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.paypal.me/seejy
Title: Donate via PayPal

Search URL Search Domain Scan URL

URL: https://emperorservers.com/?utm_source=ipsw-me&utm_medium=cpc&utm_campaign=ipsw-me
Title: Emperor Servers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ipsw.me/ HTTP 301
https://ipsw.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 55

https://googleads.g.doubleclick.net/pagead/adview?ai=CHXcbejwMZcmhMpeextYP4_u38Aa5xf2ycdOMn5SJEK4CEAEgpaeHJGD9oJmB6AOgAZmYrdsDyAEBqAMByAPLBKoEvgFP0N8u-N9Hf7d8uTdHHUmbOimu3CuAuO3lxuVNoXl_d2WjB-yhM5W_8ESaXUPyGnGgO1FyRize-faRWuhrsUPSUK_cdYqKIq-oQ9oXU-xggRs0ThiB4QKv74LFQtCpx-P0_tOWq6nmEhTPZz_1KKx8VcyHB-hnfsWzBGGKIrUNjHU8KXqvmxXqrmfEg6Fb1TLv3kjpIV6MY1I0wJhOUIw2umnOymYPIuKvul6hm5PkANzLL1X1sC16gVGnGGccwATBwoP9_gOIBaPHw5QGkgUECAQYAZIFBAgFGASAB8_n0iSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDsvgTSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJQWh0dHBzOi8vZG93bmxvYWQuZHJpdmVyc3VwcG9ydC5jb20vbHAvZ2RuL2ZhbGNvbj90aWQ9R0ROLUFmZmluaXR5gAoByAsB2gwQCgoQwMPYjP6f8q11EgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi05NDIxNTQ5MzkzNzk5NDEyGAA&sigh=RNYXtaIZLMw&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWNNOR6UtoGdXUIVkXip0UyLnfcCb7QlB9yxclz5XhpkXLkQ0bnOLYI71MpR5nTSHwPMlQ6S-vyp5UvsXxzZbQ6c9wFTbYohgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbf2038953b23b0840000000000000000%22,%222%22:%220xc7754b7c4f79b0da0000000000000000%22,%223%22:%220xd7264d57a393739d0000000000000000%22,%224%22:%220xf4a4826227e68eb70000000000000000%22,%225%22:%220xab5a0f5e5f69330c0000000000000000%22},%22debug_key%22:%2218348223532790224173%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216847874933645672641%22}&andc=true

Request Chain 62

https://googleads.g.doubleclick.net/pagead/adview?ai=CbAbeejwMZcSmMdbTqMwPm5St6AKV6r37ctuU28D_EJiS-IezAhABIKWnhyRg_aCZgegDoAHv3ebrAsgBAqgDAcgDyQSqBMQBT9DFN0gm50_wnMISmerSwxWXbT873X9hL57LjzauQjk2ZmUq_RIhxnlw_d6RvbmW-OfYLI65xqkAB8UpjAUIhKGtSeDg37uHV81vadzIfnoHeUSNmdcB3bew8hb89DGXaqP7QO3qTGAY5QvuSignRON9bSyPHHotkE2tWr566LDH66upxLPqj8P3MzBuaN2tVRVOPxlHOtXAofjSua1XBx29NRwOU-F9iDS7JoJtcP0aiwNg582Ch_RNl9byVyZnIDRpYMAEkID2gqkEiAXIk5WbSZIFBAgEGAGSBQQIBRgEoAYCgAf5oZmUAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOfjOtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgk3aHR0cHM6Ly93d3cuaGFzaGljb3JwLmNvbS9zb2x1dGlvbnMvemVyby10cnVzdC1zZWN1cml0eYAKAcgLAdoMEAoKEPCk9KOfjvDySBICAQPYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItOTQyMTU0OTM5Mzc5OTQxMhgA&sigh=r5TnVcfY-fo&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW9mreCKX7S0AFbW8E1N-OD1duuhrHdyvR4dgl34ovAmnU8sGQwIYBX_30QOd7M9e2ud-qBiaGrXU-SZRwWM9-Z5i_8j8grBgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6b3b682441f931ab0000000000000000%22,%222%22:%220x1f006e907e449a100000000000000000%22,%223%22:%220x4ecd808ebcc0fbd90000000000000000%22,%224%22:%220x49d42d2406be08300000000000000000%22,%225%22:%220x573b0f293c88c0860000000000000000%22},%22debug_key%22:%225906645411248693487%22,%22debug_reporting%22:true,%22destination%22:%22https://hashicorp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22762949359%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225682921631073193953%22}&andc=true

Request Chain 70

https://googleads.g.doubleclick.net/pagead/adview?ai=CulgyejwMZdD6MbD3xtYP3tSjyAm13oOGc-nQnuG2EfaN7b2NDhABIKWnhyRg_aCZgegDoAGwlPWWA8gBCagDAcgDywSqBMYBT9DscsJJFP6Mi5-p8Vy96IoX0A0C-5feMK4357ORc3DcTelrUoSqL9itNrjPBa8Zl6uSbrGKcwq5bp3V-_Oz_qG16Ylk5kJ6DygwbnXH4KO-67MMocCCf52D5cod_83PTcNM5AB2Ru9gwx0DMSV6yBDvqXN2dIQi8ZPYGf7t7HxTzO4ZyVD-7mVFpfNYqNeubawt-QrZbgl6GbdkYx-JLyCzy9RsOQwjW7vuXmxLU8v25xUcdfzZKb2hfOwgulXnH22dHRJcwATwlKniiASIBaX90LBCkgUECAQYAZIFBAgFGASgBi6AB52U-QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCh_ZQB0ggUCIBhEAEYHzICigI6AoBASL39wTqaCY8BaHR0cHM6Ly93d3cubHVjaWRjaGFydC5jb20vcGFnZXMvbGFuZGluZy9kaWFncmFtLXNvZnR3YXJlP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1fY2hhcnRfZW5fdGllcjFfZGVza3RvcF9wbWF4X3N0cmF0ZWdpY1-ACgHICwHaDBEKCxCQ9qGUw6SPj5sBEgIBA7gT5APYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItOTQyMTU0OTM5Mzc5OTQxMhgA&sigh=6bNXOvNASw4&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW0XuDCKcwA2g6j6F2zjkuWufOMsQx9Blc6gNR-JYTSPWvbdzLRVNtN93qMEfDywWy9EU7_Er-7OdTytQg0pfVmIvjnlSBYxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87ef1d953e389a4e0000000000000000%22,%222%22:%220xa0c276d5c09ca46b0000000000000000%22,%223%22:%220x586222616a39b9430000000000000000%22,%224%22:%220x338988ceeb3c9e9f0000000000000000%22,%225%22:%220xc76cba9b58e20f610000000000000000%22},%22debug_key%22:%2211043767332233421364%22,%22debug_reporting%22:true,%22destination%22:%22https://lucidchart.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22853363248%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216010388280674259057%22}&andc=true

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

110 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ipsw.me/
Redirect Chain

http://ipsw.me/
https://ipsw.me/

11 KB
3 KB

73ms
34ms

Document
text/html

104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0affa655942172ea89ec8cf8cf7feadb6c856dc44a141c7809d08f8a074ddbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-ray: 80a2719cccb9a235-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Sep 2023 12:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPrfqcVSDDoaUJB11LPrfLxgWiJ90QF95rcnLLLz%2By2CzdhNb9qRwbrEPIIkvQSACdtH15geV2Ex8z0aPz5o%2BoSqGy2VJ4bvtiJxfNjBAl04slwpWyHtc9E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-RAY: 80a2719c5bfb36f9-YYZ
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 21 Sep 2023 12:52:10 GMT
Expires: Thu, 21 Sep 2023 13:52:10 GMT
Location: https://ipsw.me/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDxjgI6ro6bsM4i1r4z5KxIYTMPhAE%2FaEIjmi6MgGt%2FM5QfDyFkjF87sIo1omVjDtFyFk3Ga55V8jWcXDwwYjMMAA8l82kuoIo3nM5tRuF2k5cV5b1Qvrkc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
ipsw.me/assets/ 453 KB
96 KB 37ms
36ms Stylesheet
text/css 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/assets/style.css

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d9beefd77de0bcaf132569673cbc271cd76d573952371bd0ef6ebcdbb888e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJc6FNCASX1ylecyL3GYLSnjkhy8fkAmqli2DrfhqjGwHWIF6cFmNR0SFgKt4efb%2B1u13L1oqFEcoPWMyR5tFXEfkGd5BGe94w2Tg30n0QRJX1vivYFWEu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 80a2719d0d06a235-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 136ms
62ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

fdb951757e1b4c1f66eaf527ed737bc757ce3a27b5ea3571845b732cff4b1b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50923
x-xss-protection: 0
server: cafe
etag: 6912513229478452708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:10 GMT

GET
H3 200 ipsw_logo_200.png
ipsw.me/assets/brand/ 3 KB
3 KB 44ms
43ms Image
image/png 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/brand/ipsw_logo_200.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba70b09d6589222ddf8f6b071483f53e14190a797ba2e0f1391febaab71c5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_z510b31194ebe890c63c80e12_f104bee437d224d26_d20201216_m184842_c001_v0001150_t0026
age: 171647
cf-polished: origSize=3662
x-bz-content-sha1: 6b5adbbacd22009ffccdd34c6fea7508ff914d27
x-bz-file-name: brand/ipsw_logo_200.png
alt-svc: h3=":443"; ma=86400
x-bz-info-src_last_modified_millis: 1608144510864
x-bz-upload-timestamp: 1608144522000
last-modified: Tue, 19 Sep 2023 13:11:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TXCv2AUR6oOGNtjx2WJeLiDbHXVZo13MkGPZxAJPqTCN7R2KoW6toOm%2F%2FSkJz72LhaNLizpDULQboRLw9syFCvz6sWmW1OT6K7i%2F%2BKTMvCZRgRccUDj2aQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
cf-ray: 80a2719d8a6838e5-YYZ

GET
H3 200 iPhone15,3.png
ipsw.me/assets/devices/ 19 KB
19 KB 65ms
63ms Image
image/webp 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/iPhone15,3.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cab693308a8d1530e81195aef226713b866df3b5d7b2c1d9b69d99ddd5e3987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171647
cf-polished: origFmt=png, origSize=25903
content-disposition: inline; filename="iPhone15,3.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 13:11:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTqibDVebhMfzQJPsUL7kM%2FG4uAMJcaB5R9isXwD0RLWN%2FlCIyAZnQ7bMRdTYbow83LoGDGkZ6vyV%2B%2F%2Fo%2Bo9B5LzHDOcO7yV8qt5KX8LCRy7L%2F5QArwAtXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 80a2719dcac838e5-YYZ

GET
H3 200 iPad13,6.png
ipsw.me/assets/devices/ 22 KB
23 KB 65ms
64ms Image
image/webp 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/iPad13,6.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e490792da979f6c9e7fcacbf0daac9d2bd9096bf8491bb9ad9241255b54a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47953
cf-polished: origFmt=png, origSize=31301
content-disposition: inline; filename="iPad13,6.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Sep 2023 23:32:57 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6DF0yU1ogKiNEQsL2o8NGO%2BB3OUcOJ7IAJXIo3%2B0exkQ3UlVYAuC2ucS3FODyjpUMkSHB3b6H5hIOLdaic11ZyNMfS9HVyXM0hHEw%2BP71huwl6F3O3XM4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 80a2719dcacb38e5-YYZ

GET
H3 200 Mac14,10.png
ipsw.me/assets/devices/ 29 KB
30 KB 83ms
81ms Image
image/webp 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/Mac14,10.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

517f6816c9dad3fd6ac3fcad0de95775290de9037ced0ad24b4dd0f5426d4ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64893
cf-polished: origFmt=png, origSize=38761
content-disposition: inline; filename="Mac14,10.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Sep 2023 18:50:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J%2BTMbN0WKqtzbRxsJ5zrft6mrbCpWTHdaJV5idWVjN6IYqPHg%2FWORHlGNaUhVJWdq23EpsXLWKVchr62jNiODpGQf%2FsDYgY9TgVHhWg6n0j6FLLNKG6jV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 80a2719dcacc38e5-YYZ

GET
H3 200 AppleTV6,2.png
ipsw.me/assets/devices/ 33 KB
33 KB 98ms
97ms Image
image/webp 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/AppleTV6,2.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16acd4e244d331fa74466587a8f980e1d3ad80130c320347d9847437494e057

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64893
cf-polished: origFmt=png, origSize=41863
content-disposition: inline; filename="AppleTV6,2.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Sep 2023 18:50:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADziO5AWgdzjqbC2p60Dzj21UqRvIym1umiiyibcRmd3K9KRvwCgPF9onaOdF%2FGO8wY9%2BHepxEolnYEGQ7E%2B6aFVcjMpVYsyEfoaWlqcTErlQvKf0zwFyEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 80a2719dcacd38e5-YYZ

GET
H3 200 AudioAccessory5,1.png
ipsw.me/assets/devices/ 56 KB
56 KB 47ms
46ms Image
image/webp 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/AudioAccessory5,1.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a25f35480b4b686fb2a562d5827cf40dc7bc3e62b651274d0e0a043a61508ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171647
cf-polished: origFmt=png, origSize=60652
content-disposition: inline; filename="AudioAccessory5,1.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 13:11:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v3SQHviwQAv8pT50zXDlDu%2BfJxrFfy%2Bn62%2FiF33e2%2Ff9F6wSm8XRzbrhQ7ToYQGxvEOrTisBdcUTMn7hGKkjWDgsBU%2B9U7%2B1B%2Fu1Cr69xolqWJgwwjrijg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 80a2719dcace38e5-YYZ

GET
H3 200 Watch5,4.png
ipsw.me/assets/devices/ 20 KB
20 KB 116ms
114ms Image
image/webp 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/Watch5,4.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7101d950f27001e896a707f38cc9a789150dafa3a4c9bc0b4b73b69c11976f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171647
cf-polished: origFmt=png, origSize=24815
content-disposition: inline; filename="Watch5,4.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 13:11:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOVvHjlLgheYv6C4cjwc4AuMHDX0bjVYh2hHf02XyzdHPeBGBgQvzPFHI64Vj%2Fx3DLdJvpS52xOaEPB06g0hcRQwSuOXXJkzl71kM%2BxtEDeJvHMbMgLj%2BAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 80a2719dcacf38e5-YYZ

GET
H3 200 bootstrap.js Show response
ipsw.me/assets/ 147 KB
48 KB 117ms
115ms Script
text/javascript 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/assets/bootstrap.js

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac8c8a6a149f603d660ab97ecf12175dc2b80006d8a74131502e461199d5a575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2W6NvKG4Jtyn5taZLuTjmF0KcSdLy9UPajxYUIkmCq0SNJZSDynoQMCfhFYBvopKFvOnriEUMZSVwn5p5951zC3lcp%2B3tPlb32rX7tiHfjaxQ53z8f%2BEfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800
cf-ray: 80a2719dcad038e5-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 107ms
69ms Script
text/javascript 104.16.57.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: ipsw.me
URL: https://ipsw.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://ipsw.me/
Origin: https://ipsw.me
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 80a2719e0b5b36d1-YYZ

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
67 KB 123ms
50ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRP7VV

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

439f571d796ace89f20cfefa7f0ad9c7095ed1e11d897f261f8c0e593d9b3685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68320
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 12:52:10 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 110ms
110ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

3abb7a22dac7d28bac1bfc18f1a176ff8f60160cdbe499ecc947d7342f23fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131530
x-xss-protection: 0
server: cafe
etag: 3109013055628706126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame 105A 10 KB
5 KB 109ms
35ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 53553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 21:59:37 GMT
etag: 2603938475786422795
expires: Wed, 04 Oct 2023 21:59:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 details.json Show response
ipsw.me/user/ 54 B
709 B 143ms
142ms XHR
application/json 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/user/details.json

Requested by

Host: ipsw.me
URL: https://ipsw.me/assets/bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aefe2b02848a3e751a416f329e050d5dd35903ced406d864869e4dbf423df8a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
content-encoding: br
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding, Cookie
x-frame-options: DENY
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RH%2F7uVejG4Yo8sYNibQPxw7fYM41g3mi4so9Z9OYk%2FRH1jHwir%2B6T45mQYwVW%2FXUodopjM1npycsxUX7niZaUQPpRV4TqVxRe7WaNUPXL0jChf%2FzELAtZo0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache
cf-ray: 80a2719ebbe338e5-YYZ

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
17ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRP7VV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 12:16:29 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2141
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 14:16:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
88 KB 53ms
53ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRP7VV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

63e8aba6b0e23c3da43570ac91b142ee693b6ff581aa85c88cf0f7f02490cfdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 12:52:10 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
601 B 117ms
45ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ipsw.me&callback=_gfp_s_&client=ca-pub-9421549393799412

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

927f50d7bd165d03835db64527be4d801d165c4becbbef85e054220118f221bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21D6 288 KB
74 KB 1128ms
1126ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&adk=1812271804&adf=3025194257&lmt=1695325930&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fipsw.me%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730580&bpp=5&bdt=187&idt=162&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4966623535216&frm=20&pv=2&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

581bc16a2396dfcbcb539fb1b2e7b568a3ec8e663d736e5f36bc54cb95701d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75154
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:11 GMT
expires: Thu, 21 Sep 2023 12:52:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
51ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20fixed-top%20navbar-dark%20bg-primary%20navbar-expand-lg&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A25 107 KB
37 KB 1133ms
1132ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

3e5e8bf779af89e911c4e4b9a409477fc826372cee5ab5dd09c1ff83923a0bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37736
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:11 GMT
expires: Thu, 21 Sep 2023 12:52:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24F0 113 KB
39 KB 614ms
613ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=1706824535&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730587&bpp=1&bdt=193&idt=191&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gaTIMQQw7H&p=https%3A//ipsw.me&dtd=193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

c8c2e799d266245e6ca763be8a641613b77acae119e79a92401ddd3b13496e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40161
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:11 GMT
expires: Thu, 21 Sep 2023 12:52:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
202 B 40ms
39ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=754198075&t=pageview&_s=1&dl=https%3A%2F%2Fipsw.me%2F&ul=en-us&de=UTF-8&dt=Download%20iOS%20Firmware%20for%20iPhone%2C%20iPad%2C%20iPod%20Touch%2C%20Apple%20Watch%2C%20Apple%20TV%20and%20HomePod%20%2F%20IPSW%20Downloads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1724676570&gjid=1520234467&cid=1972377448.1695300731&tid=UA-26022325-1&_gid=1114689485.1695300731&_r=1&_slc=1&gtm=45He39i0n71PRP7VV&z=1448437039

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
239 B 118ms
44ms Ping
text/plain 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FLTLWFSYM0&gtm=45je39i0&_p=754198075&_gaz=1&cid=1972377448.1695300731&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695300730&sct=1&seg=0&dl=https%3A%2F%2Fipsw.me%2F&dt=Download%20iOS%20Firmware%20for%20iPhone%2C%20iPad%2C%20iPod%20Touch%2C%20Apple%20Watch%2C%20Apple%20TV%20and%20HomePod%20%2F%20IPSW%20Downloads&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 117ms
43ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FLTLWFSYM0&cid=1972377448.1695300731&gtm=45je39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 122ms
48ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FLTLWFSYM0&cid=1972377448.1695300731&gtm=45je39i0&aip=1&z=738310700

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 24F0 9 KB
4 KB 110ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=1706824535&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730587&bpp=1&bdt=193&idt=191&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gaTIMQQw7H&p=https%3A//ipsw.me&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:27:20 GMT

GET
H2 200 eb24e5338fb35f0e823aa45ca63cea7d.js Show response
www.gstatic.com/mysidia/ Frame 24F0 11 KB
5 KB 110ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 00:15:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:57:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 24F0 15 KB
2 KB 119ms
46ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:37:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 12:52:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 24F0 23 KB
9 KB 37ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 24F0 3 KB
1 KB 40ms
39ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 24F0 20 KB
8 KB 108ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24F0 182 KB
57 KB 569ms
496ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:11 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 24F0 36 KB
15 KB 37ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 18:00:06 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 24F0 33 KB
34 KB 110ms
36ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:29:27 GMT
x-content-type-options: nosniff
age: 199364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 05:29:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31D7 143 B
166 B 35ms
35ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=1706824535&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730587&bpp=1&bdt=193&idt=191&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gaTIMQQw7H&p=https%3A//ipsw.me&dtd=193
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:13:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 24F0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e131ad93d9be78f83d48425b5004e1b4e1624536846b9f578b917fbf396ca1b3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31D7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:11 GMT
expires: Thu, 21 Sep 2023 12:52:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 5A25 4 KB
744 B 49ms
47ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 11:28:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 12:52:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 5A25 23 KB
9 KB 36ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 5A25 3 KB
1 KB 35ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 5A25 20 KB
8 KB 37ms
36ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A25 182 KB
57 KB 97ms
96ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:11 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 5A25 36 KB
15 KB 36ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 18:00:06 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
52 KB 73ms
73ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

86669b2ccf3e4e5baa78403b74f8529ed4f28ad80631627519ec7ea785b63384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53719
x-xss-protection: 0
server: cafe
etag: 9824303692592518224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:11 GMT

GET
H2 200 ca-pub-9421549393799412 Show response
fundingchoicesmessages.google.com/i/ 155 KB
51 KB 71ms
67ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9421549393799412?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

051edb4714e9d2352d3f460ea0b13293ebda239ab2d6a842c0dcb7c66164e6dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MHK4ivSql873-2lwyZ4xbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-MHK4ivSql873-2lwyZ4xbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
64ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9421549393799412&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20230918_103605&sat=1695208049220&afm=2%2C0&as_count=2&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.287&alldns=0.287&allp=14&pgh=1950&abl=false&rr=n&su=ipsw.me&pvc=1722661168733218&r=0.1&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14823515870637395928/ Frame 5A25 10 KB
11 KB 58ms
58ms Image
image/jpeg 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14823515870637395928/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

91c4e595aa10f76df0cd9e48569d44f9cb4102068d6bbf5d984819763ae21f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10740
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:49:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 12:52:12 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16888673645577097720/ Frame 5A25 3 KB
3 KB 37ms
36ms Image
image/png 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16888673645577097720/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

4be1877da4042aa59043e09a03b2640f359616a650bb7e3e5d03c4d3b59e73eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:59:38 GMT
x-content-type-options: nosniff
age: 21154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3334
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:15:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 06:59:38 GMT

GET
DATA 200
OK truncated
/ Frame 5A25 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 374a46d9c826535d094508a479855e193d3d6e52f6930a4adc853b0cda0f584e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A25 16 KB
16 KB 37ms
36ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:29:25 GMT
x-content-type-options: nosniff
age: 199367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 05:29:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A25 15 KB
15 KB 40ms
39ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 00:41:52 GMT
x-content-type-options: nosniff
age: 216620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 00:41:52 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 819B 10 KB
4 KB 36ms
35ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 52619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 22:15:13 GMT
etag: 2603938475786422795
expires: Wed, 04 Oct 2023 22:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 943E 10 KB
4 KB 36ms
35ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 52619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 22:15:13 GMT
etag: 2603938475786422795
expires: Wed, 04 Oct 2023 22:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXn8ma_FgDhMRkkZCzPY-wqMMVL5QUr8u8wDN4h6l7HxDQ8O1jM9LPuWMZbIp4Nnbo_bU5o4CeeuF3CHWflluZmckPI9nVOGr8AnBeAh3ezU1BS0xipmKmGoq6Q-74IommLA8zBeA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 88ms
88ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXn8ma_FgDhMRkkZCzPY-wqMMVL5QUr8u8wDN4h6l7HxDQ8O1jM9LPuWMZbIp4Nnbo_bU5o4CeeuF3CHWflluZmckPI9nVOGr8AnBeAh3ezU1BS0xipmKmGoq6Q-74IommLA8zBeA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzAwNzMyLDE2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9pcHN3Lm1lLyIsbnVsbCxbWzgsIi0tcWtQVXNkM1AwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.--qkPUsd3P0.es5.O/d=1/rs=AJlcJMyFNlTwg0Bu3gkJ49-vwIzkkBbU3g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

af1eee6782acb36fb97102053f14a8f0f96018533a6cb920d5438697b56b292f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XeYtcUW8xKuXfsuIWu__fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XeYtcUW8xKuXfsuIWu__fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 24F0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHXcbejwMZcmhMpeextYP4_u38Aa5xf2ycdOMn5SJEK4CEAEgpaeHJGD9oJmB6AOgAZmYrdsDyAEBqAMByAPLBKoEvgFP0N8u-N9Hf7d8uTdHHUmbOimu3CuAuO3lxuVNoXl_d2WjB-yhM5W...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbf2038953b23b0840000000000000000%22,%222%22:%220xc7754b7c4f79b0da0000000000000000%22,%223%22:%220xd7264d...

0
0

52ms
47ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbf2038953b23b0840000000000000000%22,%222%22:%220xc7754b7c4f79b0da0000000000000000%22,%223%22:%220xd7264d57a393739d0000000000000000%22,%224%22:%220xf4a4826227e68eb70000000000000000%22,%225%22:%220xab5a0f5e5f69330c0000000000000000%22},%22debug_key%22:%2218348223532790224173%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216847874933645672641%22}&andc=true

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xbf2038953b23b0840000000000000000","2":"0xc7754b7c4f79b0da0000000000000000","3":"0xd7264d57a393739d0000000000000000","4":"0xf4a4826227e68eb70000000000000000","5":"0xab5a0f5e5f69330c0000000000000000"},"debug_key":"18348223532790224173","debug_reporting":true,"destination":"https://driversupport.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996887577"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"16847874933645672641"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 12:52:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xbf2038953b23b0840000000000000000","2":"0xc7754b7c4f79b0da0000000000000000","3":"0xd7264d57a393739d0000000000000000","4":"0xf4a4826227e68eb70000000000000000","5":"0xab5a0f5e5f69330c0000000000000000"},"debug_key":"18348223532790224173","debug_reporting":true,"destination":"https://driversupport.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996887577"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"16847874933645672641"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame 1562 37 KB
14 KB 37ms
36ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:40:12 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 819B 4 KB
671 B 46ms
46ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 12:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:41:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 12:52:12 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 819B 205 B
229 B 36ms
35ms Image
image/png 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:03:14 GMT
x-content-type-options: nosniff
age: 2938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 20 Sep 2024 12:03:14 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 819B 604 B
628 B 37ms
36ms Image
image/png 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:38:40 GMT
x-content-type-options: nosniff
age: 544412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Sep 2024 05:38:40 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 819B 15 KB
6 KB 42ms
40ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:54:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:54:20 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 819B 20 KB
8 KB 40ms
39ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:54:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:54:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 943E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CbAbeejwMZcSmMdbTqMwPm5St6AKV6r37ctuU28D_EJiS-IezAhABIKWnhyRg_aCZgegDoAHv3ebrAsgBAqgDAcgDyQSqBMQBT9DFN0gm50_wnMISmerSwxWXbT873X9hL57LjzauQjk2ZmU...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6b3b682441f931ab0000000000000000%22,%222%22:%220x1f006e907e449a100000000000000000%22,%223%22:%220x4ecd80...

0
0

51ms
46ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6b3b682441f931ab0000000000000000%22,%222%22:%220x1f006e907e449a100000000000000000%22,%223%22:%220x4ecd808ebcc0fbd90000000000000000%22,%224%22:%220x49d42d2406be08300000000000000000%22,%225%22:%220x573b0f293c88c0860000000000000000%22},%22debug_key%22:%225906645411248693487%22,%22debug_reporting%22:true,%22destination%22:%22https://hashicorp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22762949359%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225682921631073193953%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6b3b682441f931ab0000000000000000","2":"0x1f006e907e449a100000000000000000","3":"0x4ecd808ebcc0fbd90000000000000000","4":"0x49d42d2406be08300000000000000000","5":"0x573b0f293c88c0860000000000000000"},"debug_key":"5906645411248693487","debug_reporting":true,"destination":"https://hashicorp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["762949359"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"5682921631073193953"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 12:52:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6b3b682441f931ab0000000000000000","2":"0x1f006e907e449a100000000000000000","3":"0x4ecd808ebcc0fbd90000000000000000","4":"0x49d42d2406be08300000000000000000","5":"0x573b0f293c88c0860000000000000000"},"debug_key":"5906645411248693487","debug_reporting":true,"destination":"https://hashicorp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["762949359"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"5682921631073193953"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 943E 23 KB
9 KB 35ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E580 143 B
166 B 36ms
35ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:13:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 943E 3 KB
1 KB 46ms
45ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 943E 20 KB
8 KB 38ms
37ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 14044076236425848494
tpc.googlesyndication.com/simgad/ Frame 943E 15 KB
15 KB 45ms
45ms Image
image/png 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14044076236425848494?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkhsnivDxO7YH4MQlyfd8nu9I80Jw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

a5ec752156e432fb16a9ec13f8941e2706602f5009d91c0e9bdee92e0ebbb1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:49:39 GMT
x-content-type-options: nosniff
age: 153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 21:48:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 12:49:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 943E 182 KB
57 KB 172ms
169ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 943E 35 KB
14 KB 56ms
54ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

37ff2a67cdfea7cc97eb5702aca327a995913ade98368d7f281c62c37b42d744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14554
x-xss-protection: 0
server: cafe
etag: 14061998647302830610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:51:53 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5A25
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CulgyejwMZdD6MbD3xtYP3tSjyAm13oOGc-nQnuG2EfaN7b2NDhABIKWnhyRg_aCZgegDoAGwlPWWA8gBCagDAcgDywSqBMYBT9DscsJJFP6Mi5-p8Vy96IoX0A0C-5feMK4357ORc3DcTel...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87ef1d953e389a4e0000000000000000%22,%222%22:%220xa0c276d5c09ca46b0000000000000000%22,%223%22:%220x586222...

0
0

52ms
47ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87ef1d953e389a4e0000000000000000%22,%222%22:%220xa0c276d5c09ca46b0000000000000000%22,%223%22:%220x586222616a39b9430000000000000000%22,%224%22:%220x338988ceeb3c9e9f0000000000000000%22,%225%22:%220xc76cba9b58e20f610000000000000000%22},%22debug_key%22:%2211043767332233421364%22,%22debug_reporting%22:true,%22destination%22:%22https://lucidchart.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22853363248%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216010388280674259057%22}&andc=true

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x87ef1d953e389a4e0000000000000000","2":"0xa0c276d5c09ca46b0000000000000000","3":"0x586222616a39b9430000000000000000","4":"0x338988ceeb3c9e9f0000000000000000","5":"0xc76cba9b58e20f610000000000000000"},"debug_key":"11043767332233421364","debug_reporting":true,"destination":"https://lucidchart.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["853363248"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"16010388280674259057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 12:52:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x87ef1d953e389a4e0000000000000000","2":"0xa0c276d5c09ca46b0000000000000000","3":"0x586222616a39b9430000000000000000","4":"0x338988ceeb3c9e9f0000000000000000","5":"0xc76cba9b58e20f610000000000000000"},"debug_key":"11043767332233421364","debug_reporting":true,"destination":"https://lucidchart.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["853363248"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"16010388280674259057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
45ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 12:52:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame 17CD 37 KB
14 KB 39ms
38ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&fwrn=4&fwrnh=100&lmt=1695325930&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695300730585&bpp=2&bdt=192&idt=184&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4966623535216&frm=20&pv=1&ga_vid=1972377448.1695300731&ga_sid=1695300731&ga_hid=754198075&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31076997%2C44796700&oid=2&pvsid=1722661168733218&tmod=413509765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WowRW91z7o&p=https%3A//ipsw.me&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:40:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
45ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 12:52:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
45ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 12:52:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A6A4 6 KB
706 B 51ms
50ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 12:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:34:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 12:52:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame A6A4 2 KB
892 B 36ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame A6A4 23 KB
9 KB 39ms
39ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame A6A4 3 KB
1 KB 42ms
41ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame A6A4 20 KB
8 KB 39ms
39ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:49:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6A4 182 KB
57 KB 64ms
64ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 12:52:12 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame A6A4 36 KB
15 KB 40ms
39ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 18:00:06 GMT

GET
DATA 200
OK truncated
/ Frame 943E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0d66ba5a65c0661e53b5da2ef22f6b807d4c2280b8644707af6a43d6538b985

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E580
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:12 GMT
expires: Thu, 21 Sep 2023 12:52:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame D364 37 KB
14 KB 35ms
35ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:40:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 121ms
52ms XHR
application/json 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

59292947303eeeaed1ca8ae11127bda31b46820901e2beadfccf8bd8565ebe02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11990
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame 0030 37 KB
14 KB 36ms
36ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:40:12 GMT

POST
H3 204 rum Show response
ipsw.me/cdn-cgi/ 0
135 B 21ms
20ms XHR
text/plain 104.26.9.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: application/json

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ipsw.me
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 80a271aa8c6138e5-YYZ

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 12:52:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08D5 13 KB
5 KB 36ms
35ms Document
text/html 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 199322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 05:30:10 GMT
expires: Wed, 18 Sep 2024 05:30:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7536 829 B
561 B 50ms
50ms Document
text/html 142.251.163.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f103.1e100.net

Software

GSE /

Resource Hash

e3fcba60dfb8803dd5418f833601818ea6fc9537fbe5b00e206b33b3496e86ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jKA_gjaYk6KbMkWVsIn7PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jKA_gjaYk6KbMkWVsIn7PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:52:12 GMT
expires: Thu, 21 Sep 2023 12:52:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 08D5 37 KB
14 KB 35ms
35ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:47:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7536 0
0 50ms
50ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=1722661168733218&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 08D5 0
10 B 35ms
34ms Image
text/plain 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MSH6Lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A25 42 B
64 B 53ms
53ms Fetch
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZDzYVYr7CLnWm8T64lk9K_lCMH4pzu4-7mLn5tafIx36pxq9j6fu_lX7-XUUFHFTGslBaLEWMV5XpYLTJIqdNap9KXHzd_RO1BxMEjNxTyQasKpyp9E48OsCzHUDtt_hZurs-GGGOMA&sai=AMfl-YTBJq4N_I--ONYOcVR6NVxLoZILulhO2wNCTKArl7ufvMi1HbTHvMr6fDPOQJvRjDA2SYSZd2bRHDHbLbduDis8XU1ob192ywmJjeFt90ov2aLq85aHCvfyiSVUgewF4P6VJmQwR6T9Whzj&sig=Cg0ArKJSzMzfVtmWtxbpEAE&cid=CAQSSwBpAlJW0XuDCKcwA2g6j6F2zjkuWufOMsQx9Blc6gNR-JYTSPWvbdzLRVNtN93qMEfDywWy9EU7_Er-7OdTytQg0pfVmIvjnlSBYxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=199814935&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695300730775&rpt=1486&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 56ms
56ms Image
image/gif 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.1374014199222504

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_92CgMNmSTulrAtGqDQaag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-_92CgMNmSTulrAtGqDQaag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 69ms
68ms Image
image/gif 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.013966599430802

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-xQT6TzKoBgcuvtomT_GTPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-xQT6TzKoBgcuvtomT_GTPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=1722661168733218&bg=!gIOlg8zNAAYrDsWMCw47ADQBe5WfOMq4xXJrrOg8Dqfa-phkuct9BVubehwMZ9bwN5HdA4ciQTj2w6UKhI2RmXC6BcqfAgAAAD9SAAAABmgBB5kCp23wRDhpkxDdUWAeaAwEEaxMokS6AjqCFSf3TSRFlaVlhMlKPImaN-QXPcXoLEQeSLH8plpWkawy3qyrSb9tLW1juZGV8ty8f50ETZF_g5weYKJnXTsqrnna7IjSSpaW7c_9pdvcAeV0T9Gnt9E3KwWzVx4Clt_AiavMpUm5s4BfSqC32KQKCI-OV63nN-vuim3kxVnvSL0fhNEi6EhlqL5Piewj03ezyOp7dymhKoG0xgh3zlt70Q9wVhrc6VBzHnRmMGs5iDT0JveAOwX5rbJTSpSf71DJcP-3cBi0sAHCwOUOrPK1-H5z98-UXFcPtlk3e1kwDjUx1smfPSUujXNyLtbmolpGhNnQJ3wq4PlNiLwpOhY-QzE49Ih5Tb_em4zb9yeWLB8G05wGNtygL4C_Z08uYs_v1A0z8Bl4rJqFycQEUjf1B3ubcRQxnst58Jm64N1rLCWWWnT8ZPjMG9bomhd2CRnFBhqgRP2U4ziCtBOXxQSBkuuWyli7UzTjhwNi4lCYedDGPmipneqHVMpcNZ97wd2DewIzA5MdDkn0rI9AN7nOv1XRjbID3sgGDgM828hHSxcbAFTm2hpci7Qsta2WwldSuH8IlksVFjb7vGO2lQA5dkihquePflatQU8-1Wx6iMLZQyoqGLUYEEKb5EWFtQdL5e9Ico0I84HNpaNLBQwNp8Oned9WE_pu29N83jmz9OhuNrpTjX6zvzm8ktzpewVPATxT6IYn7QQatkbK_Z2vgoV6AT5EOsUNIzBgDUsY6XA4zXjaQLqqKhtcau-iogcCk2qXEz-ukHgJMprV7HYcVVZYTNJKAZMmEyTv7_RZ6dJfwq3cg9SosWjkLl6rDViI2mPKwraSoqjW9Ykwgo1Fp4eYMj1OFomYC1zVFeSiakA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

POST
H3 204 AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 127ms
54ms XHR
text/html 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DPMcpqWjTGxhLsb8Q6S5Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-DPMcpqWjTGxhLsb8Q6S5Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 943E 42 B
64 B 54ms
54ms Fetch
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufX7yK8nXNwztALxQZHgUPB6Yc2dgDbWoLu3TqnLmaL54M3fhqC20TqP9wMfMMIqYe64nCxfzGZwn8_6Yr37ZBfwfeJgxANr0Pw3hG3LxaoadgnY8wOf047BXnogQuaO0Aw4evINJUCA&sai=AMfl-YQbe2FOk4L8_6ayL-NZBvH_d3JH7SCR-HpszJm4PIl__D7g8XCpbIH4y7Wm8n7veMT7y3EqRJHV8hVw8e0lQG5TUNmcZwkaiul2He5zk7_wU5JbUgxFIEXQHnAEOm8g3XzvmnQx-lp2tSJO&sig=Cg0ArKJSzEG2Xn4nO6PiEAE&cid=CAQSSwBpAlJW9mreCKX7S0AFbW8E1N-OD1duuhrHdyvR4dgl34ovAmnU8sGQwIYBX_30QOd7M9e2ud-qBiaGrXU-SZRwWM9-Z5i_8j8grBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=119,802,1000,1015,1015&tos=119,683,198,15,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695300732147&rpt=327&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 12:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _728x90.swf Show response
fundingchoicesmessages.google.com/f/AGSKWxVVGmkZGhHNh71YmHr1KNMwH2KScN1a_wr-nlt9Es_OwUvve4-g8WRspQU0_0TOab7Q_1WFc8VSoukJp--nU-qlhKVTg3oFjkJ4CJ-vIHDV7_Ip57mQXvOEv_YVTyk1Gl1zS7sXq0qi0B5q0jctZIpAKPQY1... 54 B
109 B 55ms
55ms Script
application/javascript 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVVGmkZGhHNh71YmHr1KNMwH2KScN1a_wr-nlt9Es_OwUvve4-g8WRspQU0_0TOab7Q_1WFc8VSoukJp--nU-qlhKVTg3oFjkJ4CJ-vIHDV7_Ip57mQXvOEv_YVTyk1Gl1zS7sXq0qi0B5q0jctZIpAKPQY1xGiL-Z6-Sza-ayj_61yvifk3DvHIBDA/_728x90.swf?/adperfdemo./ad/middle./ad-top./ads/community?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.--qkPUsd3P0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyFNlTwg0Bu3gkJ49-vwIzkkBbU3g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

7472212b7210c1598a43f5a3ef54c7f993a3581fbbb2acfa7f00cac8390ba9ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LM_nfmCqUisjpFCOKVjdSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-LM_nfmCqUisjpFCOKVjdSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
30 KB 38ms
36ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.--qkPUsd3P0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyFNlTwg0Bu3gkJ49-vwIzkkBbU3g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

a492c39a72104f03f02884c60ee233fbef36f7319baffd35daa18d13e6c77e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30295
x-xss-protection: 0
server: cafe
etag: 7851833409019874458
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 13:29:07 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6Ch6UXbxJLhYUsXGVCfv0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-6Ch6UXbxJLhYUsXGVCfv0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DTrV0BAq5Dfxjx1QuzCvFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-DTrV0BAq5Dfxjx1QuzCvFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wcJULnyg4e605hX6kzVXNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wcJULnyg4e605hX6kzVXNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eMq2zWH7XhwGaPPT3akUGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eMq2zWH7XhwGaPPT3akUGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ipsw.me
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUSL0GYuccxMxjocFfskHxn1hHnbVyIl2AGyQYvGy0J8O8C9L4apbCuDlmP7Dk75K7QD0e8_2qTCAZJ30hgBf1DikJgEmF80qlmv8qvSJkZW2o3vi3kPyNUxW3d2PD8r73yGo3hMw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 68ms
68ms Script
application/javascript 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUSL0GYuccxMxjocFfskHxn1hHnbVyIl2AGyQYvGy0J8O8C9L4apbCuDlmP7Dk75K7QD0e8_2qTCAZJ30hgBf1DikJgEmF80qlmv8qvSJkZW2o3vi3kPyNUxW3d2PD8r73yGo3hMw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzAwNzM0LDU3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pcHN3Lm1lLyIsbnVsbCxbWzgsIi0tcWtQVXNkM1AwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

7362aff2132930f97d1ebf4df38ce9c9a290010e822dea4d9915c395f76f3fa6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nIP9K5ofbRDiEcsZnyj1XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-nIP9K5ofbRDiEcsZnyj1XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-odJHZ3zXBX6PDW3grjPcAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-odJHZ3zXBX6PDW3grjPcAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWxXeNS5Xds9QQHihOFWSGRMyT7GPOaOAELi8mZlligGv76LO1KQhZN6SHAZjrnD1dDxZcg1XJjZ9izUzodIUO5wKMw80CK04hWl9YfI8UfmO5PIW3y2q20hN3jh8sQaRFxSkMrMQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
70ms Script
application/javascript 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxXeNS5Xds9QQHihOFWSGRMyT7GPOaOAELi8mZlligGv76LO1KQhZN6SHAZjrnD1dDxZcg1XJjZ9izUzodIUO5wKMw80CK04hWl9YfI8UfmO5PIW3y2q20hN3jh8sQaRFxSkMrMQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzAwNzM0LDEzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaXBzdy5tZS8iLG51bGwsW1s4LCItLXFrUFVzZDNQMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

0441b0388e85657e96bc2cfdeb9e6710d65d192b40cab507912dbd308c69dd88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m7EBtp9n8SRchn890ApPZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-m7EBtp9n8SRchn890ApPZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVAyyl1ITfesFwS02S8YBHZdR129XWgOGMC2ojfmxNFUU3snAzunOU4ApNr1_9s68O-Oznx7FjRdbf12aMS8_dnmOWF7aVT6VIzkeSRCtDI6PV675jdokYkjrvN8ic7XTw3ExBsEg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 72ms
72ms Script
application/javascript 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAyyl1ITfesFwS02S8YBHZdR129XWgOGMC2ojfmxNFUU3snAzunOU4ApNr1_9s68O-Oznx7FjRdbf12aMS8_dnmOWF7aVT6VIzkeSRCtDI6PV675jdokYkjrvN8ic7XTw3ExBsEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzAwNzM0LDIwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pcHN3Lm1lLyIsbnVsbCxbWzgsIi0tcWtQVXNkM1AwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

30f18716a9030474ec2bbff8264f50619418b07fb56942bf2b5dcdb83a2d93a4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uce7-E8_YyrgHodIdtogPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ipsw.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uce7-E8_YyrgHodIdtogPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWHKgZBdD8OV-wsB6VqbB_Ds3B_CvcebYxLnHvEfc6oRDlEJ95NtKDi8V-HvCDP4rngxBaab0rg-WoXT6hdbOfz6uukogJnhX8hM-hVEuOZ9le2ZhAgLPPzxDlIXSlB23ck4GmXsg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
52ms XHR
text/html 172.253.115.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWHKgZBdD8OV-wsB6VqbB_Ds3B_CvcebYxLnHvEfc6oRDlEJ95NtKDi8V-HvCDP4rngxBaab0rg-WoXT6hdbOfz6uukogJnhX8hM-hVEuOZ9le2ZhAgLPPzxDlIXSlB23ck4GmXsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IqGXpuiXlNgajnkH36_ayA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IqGXpuiXlNgajnkH36_ayA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ipsw.me
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBl4N2t1C_dt4Wmbmm_qDxxhwihp_IWFmnRF86EOUhFv8xo0KOPgNUjldMQsj2Huqc-hX6bRGUTXO6XWWGroqdP7O3607i46_ppOW0m4JWzmnCKEUy167fddNsqPxUlAl-CLGdVQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rNZaKGSO96pWM33YXeyu7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsw.me/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 12:52:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rNZaKGSO96pWM33YXeyu7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ipsw.me/user	1969-12-31 23:59:59	Name: _gorilla_csrf Value: MTY5NTMwMDczMHxJa3hTYkRkWmRtTnBaMFozYkV4VWMzTTBLMlpFWm5jNWIySlVPVVpRWjJOVWQwVm1UM1pTTmpGNEwwMDlJZ289fHxMOEVQT8PEC6I8xS-qGSwXQeav49sEPglgi71RRZLj
.ipsw.me/	1970-01-20 14:56:27	Name: _gid Value: GA1.2.1114689485.1695300731
.ipsw.me/	1970-01-20 14:55:00	Name: _gat_UA-26022325-1 Value: 1
.ipsw.me/	1970-01-21 00:31:00	Name: _ga Value: GA1.1.1972377448.1695300731
.ipsw.me/	1970-01-21 00:16:36	Name: __gads Value: ID=034d4cebb6ac00b2:T=1695300730:RT=1695300730:S=ALNI_MYjYFq5_vFfJV-VrVi72URegq30rQ
.ipsw.me/	1970-01-21 00:16:36	Name: __gpi Value: UID=00000d94475e2b9d:T=1695300730:RT=1695300730:S=ALNI_MYjqc2ELD-NFkTQBvXMP8lmNtShbA
.doubleclick.net/	1970-01-20 14:55:04	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:31:00	Name: IDE Value: AHWqTUkHGgMSC9gBaJybvXnhKah8fqX8PK5FiJl7E56iW8gWjNmS0JNa9I3qKi9V5qk
.googleadservices.com/	1970-01-20 17:04:36	Name: ar_debug Value: 1
.ipsw.me/	1970-01-21 00:31:00	Name: _ga_FLTLWFSYM0 Value: GS1.1.1695300730.1.0.1695300732.58.0.0
.ipsw.me/	1970-01-20 23:40:36	Name: FCNEC Value: %5B%5B%22AKsRol9t2j1Q4QqsN6JYIKPliHHianL4ZgHnqmRlpXpmMiuLsmaLOE3RMgUHLueRTqCw3-FFoYcI0GRTIlLJcCS_U8E5ZgTcVtNjMYd82guHbLOO-Ys6-sP7qhPR9i3M2Qzc1Eny1Pw2QKnWQFXbcS62y4UpC41mWA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ipsw.me
pagead2.googlesyndication.com
partner.googleadservices.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.16.57.101
104.26.8.156
104.26.9.156
142.251.111.154
142.251.111.94
142.251.16.132
142.251.16.157
142.251.163.103
172.253.115.113
172.253.115.138
172.253.115.155
172.253.115.95
172.253.122.156
172.253.122.94
172.253.122.97
172.253.63.155
172.253.63.94
216.239.32.178
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0441b0388e85657e96bc2cfdeb9e6710d65d192b40cab507912dbd308c69dd88
051edb4714e9d2352d3f460ea0b13293ebda239ab2d6a842c0dcb7c66164e6dc
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0affa655942172ea89ec8cf8cf7feadb6c856dc44a141c7809d08f8a074ddbb3
0cab693308a8d1530e81195aef226713b866df3b5d7b2c1d9b69d99ddd5e3987
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aefe2b02848a3e751a416f329e050d5dd35903ced406d864869e4dbf423df8a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30f18716a9030474ec2bbff8264f50619418b07fb56942bf2b5dcdb83a2d93a4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
374a46d9c826535d094508a479855e193d3d6e52f6930a4adc853b0cda0f584e
37ff2a67cdfea7cc97eb5702aca327a995913ade98368d7f281c62c37b42d744
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3abb7a22dac7d28bac1bfc18f1a176ff8f60160cdbe499ecc947d7342f23fc27
3e5e8bf779af89e911c4e4b9a409477fc826372cee5ab5dd09c1ff83923a0bdc
439f571d796ace89f20cfefa7f0ad9c7095ed1e11d897f261f8c0e593d9b3685
4be1877da4042aa59043e09a03b2640f359616a650bb7e3e5d03c4d3b59e73eb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
517f6816c9dad3fd6ac3fcad0de95775290de9037ced0ad24b4dd0f5426d4ba4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581bc16a2396dfcbcb539fb1b2e7b568a3ec8e663d736e5f36bc54cb95701d41
59292947303eeeaed1ca8ae11127bda31b46820901e2beadfccf8bd8565ebe02
5a25f35480b4b686fb2a562d5827cf40dc7bc3e62b651274d0e0a043a61508ce
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
63e8aba6b0e23c3da43570ac91b142ee693b6ff581aa85c88cf0f7f02490cfdf
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7362aff2132930f97d1ebf4df38ce9c9a290010e822dea4d9915c395f76f3fa6
7472212b7210c1598a43f5a3ef54c7f993a3581fbbb2acfa7f00cac8390ba9ab
79e490792da979f6c9e7fcacbf0daac9d2bd9096bf8491bb9ad9241255b54a61
86669b2ccf3e4e5baa78403b74f8529ed4f28ad80631627519ec7ea785b63384
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
91c4e595aa10f76df0cd9e48569d44f9cb4102068d6bbf5d984819763ae21f5a
927f50d7bd165d03835db64527be4d801d165c4becbbef85e054220118f221bd
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a492c39a72104f03f02884c60ee233fbef36f7319baffd35daa18d13e6c77e85
a5ec752156e432fb16a9ec13f8941e2706602f5009d91c0e9bdee92e0ebbb1b1
ac8c8a6a149f603d660ab97ecf12175dc2b80006d8a74131502e461199d5a575
af1eee6782acb36fb97102053f14a8f0f96018533a6cb920d5438697b56b292f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0d66ba5a65c0661e53b5da2ef22f6b807d4c2280b8644707af6a43d6538b985
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
bba70b09d6589222ddf8f6b071483f53e14190a797ba2e0f1391febaab71c5bd
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c16acd4e244d331fa74466587a8f980e1d3ad80130c320347d9847437494e057
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c4d9beefd77de0bcaf132569673cbc271cd76d573952371bd0ef6ebcdbb888e4
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c8c2e799d266245e6ca763be8a641613b77acae119e79a92401ddd3b13496e8f
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e131ad93d9be78f83d48425b5004e1b4e1624536846b9f578b917fbf396ca1b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fcba60dfb8803dd5418f833601818ea6fc9537fbe5b00e206b33b3496e86ed
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
e7101d950f27001e896a707f38cc9a789150dafa3a4c9bc0b4b73b69c11976f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdb951757e1b4c1f66eaf527ed737bc757ce3a27b5ea3571845b732cff4b1b8e

ipsw.me Open in urlscan Pro 104.26.9.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

97 %HTTPS

0 %IPv6

12 Domains

18 Subdomains

18 IPs

2 Countries

1584 kBTransfer

4248 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ipsw.me Open in urlscan Pro
104.26.9.156 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

18
IPs

2
Countries

1584 kB
Transfer

4248 kB
Size

11
Cookies

110 HTTP transactions
3 data transactions