www.statutoryholidays.com Open in urlscan Pro
67.20.113.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.statutoryholidays.com/thanksgiving.php
Submission: On September 10 via api (September 10th 2024, 11:19:41 am UTC) from IN — Scanned from US

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 35 HTTP transactions. The main IP is 67.20.113.142, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.statutoryholidays.com.
TLS certificate: Issued by R10 on August 5th 2024. Valid for: 3 months.

This is the only time www.statutoryholidays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	67.20.113.142 67.20.113.142	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
15	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	142.251.35.168 142.251.35.168	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
7	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
35	9

4 67.20.113.142 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: host2085.hostmonster.com

www.statutoryholidays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	77 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	279 KB
4	statutoryholidays.com www.statutoryholidays.com	30 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	gstatic.com fonts.gstatic.com	48 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	96 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
35	8

	Domain	Requested by
9	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	www.statutoryholidays.com pagead2.googlesyndication.com
4	www.statutoryholidays.com	www.statutoryholidays.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	www.statutoryholidays.com
1	fonts.googleapis.com	www.statutoryholidays.com
35	8

This site contains no links.

Subject Issuer	Validity	Valid
mail.torontoislands.com R10	`2024-08-05` - `2024-11-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.statutoryholidays.com/thanksgiving.php
Frame ID: B3C192CDCE42B9EDB6FA0C7907B66BB3
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: FCAD165D4EAD1360B0F1F1CB8994E8BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725967177&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&pra=5&wgl=1&aihb=0&asro=0&ailel=3~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=3~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967176896&bpp=13&bdt=358&idt=380&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2162638413557&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=408
Frame ID: B65D177CE893DBB0A6A3307534BEE437
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&h=280&slotname=5079574231&adk=3047648025&adf=1593147862&pi=t.ma~as.5079574231&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1725967177&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967177348&bpp=7&bdt=810&idt=7&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2162638413557&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=24
Frame ID: AC1AC568BE7B548AC89F46B76CF20E29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&h=280&slotname=5079574231&adk=3047648025&adf=2086170298&pi=t.ma~as.5079574231&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1725967177&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967177384&bpp=1&bdt=846&idt=1&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C730x280&nras=1&correlator=2162638413557&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=4
Frame ID: BB271D6E80A12827DE88FC3B65DEB9F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&h=280&slotname=5079574231&adk=3047648025&adf=3530822286&pi=t.ma~as.5079574231&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1725967177&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967177402&bpp=11&bdt=864&idt=11&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=2162638413557&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=2357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=15
Frame ID: 8012A5656AABAC90817616BE9E150253
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: BBC09D16BF898523CD6B185951D82D7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: 05512BAEE3D9D67959B23B237D8238B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: DBE92178D9473A26F55E22781223638A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: D288A85C44452E78CC923174BB7FE63C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thanksgiving holiday in Canada 2024

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

35
Requests

91 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

531 kB
Transfer

1434 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request thanksgiving.php Show response
www.statutoryholidays.com/ 13 KB
6 KB 339ms
116ms Document
text/html 67.20.113.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statutoryholidays.com/thanksgiving.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.20.113.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2085.hostmonster.com
Software: Apache /
Resource Hash: 4d4120dd57cf3d11b4337ddbbd4f548872305fd60f990039ea1b04d4dcfaf1e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 5684
content-type: text/html; charset=UTF-8
date: Tue, 10 Sep 2024 11:19:36 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 styles.css
www.statutoryholidays.com/ 8 KB
3 KB 209ms
207ms Stylesheet
text/css 67.20.113.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statutoryholidays.com/styles.css
Requested by: Host: www.statutoryholidays.com
URL: https://www.statutoryholidays.com/thanksgiving.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.20.113.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2085.hostmonster.com
Software: Apache /
Resource Hash: 174de0b0462f5e21eb3e4260c0fc50c0f8a2c84e8b4f39ef38ab6550501efb4d

Request headers

Referer: https://www.statutoryholidays.com/thanksgiving.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:36 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 20:48:21 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2644

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 802ms
258ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,800,700

Requested by

Host: www.statutoryholidays.com
URL: https://www.statutoryholidays.com/thanksgiving.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df70fd21f51441a78eaacd60359ba11bc94d68074b2f9921e20f92db6f6e9b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Sep 2024 11:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 11:19:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Sep 2024 11:19:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 229ms
96ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7126928408494339

Requested by

Host: www.statutoryholidays.com
URL: https://www.statutoryholidays.com/thanksgiving.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

3274a4425b8814f48d30fc17174d5f5e674081c403ca031ad4cb0d148bcfc931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Origin: https://www.statutoryholidays.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52422
x-xss-protection: 0
server: cafe
etag: 13861619345363660649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 10 Sep 2024 11:19:36 GMT

GET
H2 200 stathol_logo.gif
www.statutoryholidays.com/images/ 19 KB
19 KB 107ms
106ms Image
image/gif 67.20.113.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.statutoryholidays.com/images/stathol_logo.gif
Requested by: Host: www.statutoryholidays.com
URL: https://www.statutoryholidays.com/thanksgiving.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.20.113.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2085.hostmonster.com
Software: Apache /
Resource Hash: 1d4b6d5acee416cfdbb68b83ea9f265cbcb989ed288acaf2023062a59d4b9bfa

Request headers

Referer: https://www.statutoryholidays.com/thanksgiving.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:36 GMT
last-modified: Thu, 26 Nov 2020 00:39:51 GMT
server: Apache
accept-ranges: bytes
content-length: 19143
content-type: image/gif

GET
H2 200 nav_icon.png
www.statutoryholidays.com/images/ 3 KB
3 KB 108ms
106ms Image
image/png 67.20.113.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.statutoryholidays.com/images/nav_icon.png
Requested by: Host: www.statutoryholidays.com
URL: https://www.statutoryholidays.com/thanksgiving.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.20.113.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2085.hostmonster.com
Software: Apache /
Resource Hash: b330c3ecfb5e06a5421e2d984a4755624ceb0f023661f365f73afd593d265628

Request headers

Referer: https://www.statutoryholidays.com/thanksgiving.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:36 GMT
last-modified: Thu, 26 Nov 2020 00:39:55 GMT
server: Apache
accept-ranges: bytes
content-length: 2892
content-type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 533ms
104ms Script
application/javascript 142.251.35.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WNDJXE38HN

Requested by

Host: www.statutoryholidays.com
URL: https://www.statutoryholidays.com/thanksgiving.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8df772cb4cc30d4696d7d9e572569a766b9b82d70590c1c3922247b1bed2cea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97906
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Sep 2024 11:19:37 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/ 87 KB
31 KB 211ms
90ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/slotcar_library_fy2021.js?bust=31086926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7126928408494339

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

15eec3774104bde2931d339f96fb9c7910cc514f56d758e8a0edc8b1230c49dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31238
x-xss-protection: 0
server: cafe
etag: 5743385593110851920
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 11:19:37 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/ 415 KB
139 KB 234ms
115ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7126928408494339

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

5b9bdd7c7f58fac396b5aab537d9e8ebc4523a637d302f5f6a7d900dc8b399b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142648
x-xss-protection: 0
server: cafe
etag: 7724881470051202975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 11:19:37 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame FCAD 0
0 181ms
60ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:14:55 GMT
etag: 5947459844715414650
expires: Tue, 24 Sep 2024 11:14:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame B65D 0
0 791ms
689ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725967177&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&pra=5&wgl=1&aihb=0&asro=0&ailel=3~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=3~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967176896&bpp=13&bdt=358&idt=380&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2162638413557&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=408

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 98240
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:19:38 GMT
expires: Tue, 10 Sep 2024 11:19:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 129ms
128ms Fetch
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7126928408494339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 547ms
74ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.statutoryholidays.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 06:39:25 GMT
x-content-type-options: nosniff
age: 535212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Sep 2025 06:39:25 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame AC1A 0
0 598ms
563ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&h=280&slotname=5079574231&adk=3047648025&adf=1593147862&pi=t.ma~as.5079574231&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1725967177&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967177348&bpp=7&bdt=810&idt=7&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2162638413557&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36508
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:19:37 GMT
expires: Tue, 10 Sep 2024 11:19:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame BB27 0
0 547ms
530ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&h=280&slotname=5079574231&adk=3047648025&adf=2086170298&pi=t.ma~as.5079574231&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1725967177&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967177384&bpp=1&bdt=846&idt=1&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C730x280&nras=1&correlator=2162638413557&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:19:37 GMT
expires: Tue, 10 Sep 2024 11:19:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8012 0
0 401ms
400ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7126928408494339&output=html&h=280&slotname=5079574231&adk=3047648025&adf=3530822286&pi=t.ma~as.5079574231&w=730&abgtt=6&fwrn=4&fwrnh=100&lmt=1725967177&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725967177402&bpp=11&bdt=864&idt=11&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=2162638413557&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=2357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95338227%2C95341664%2C95342033%2C31086926%2C95335247&oid=2&pvsid=1215109157422543&tmod=1902938318&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27197
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:19:37 GMT
expires: Tue, 10 Sep 2024 11:19:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 129ms
46ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WNDJXE38HN&gtm=45je4940v890655248za200&_p=1725967177429&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=2125412325.1725967177&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725967177&sct=1&seg=0&dl=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&dt=Thanksgiving%20holiday%20in%20Canada%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1289
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WNDJXE38HN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 11:19:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.statutoryholidays.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/ 171 KB
57 KB 96ms
94ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/reactive_library_fy2021.js?bust=31086926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

6face3ba49ac7ce18031cabd62bf00f70fdfa7de3a3b47e59625dc2b72e8de7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58752
x-xss-protection: 0
server: cafe
etag: 3950913859417275385
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 11:19:38 GMT

GET
H2 200 ca-pub-7126928408494339 Show response
fundingchoicesmessages.google.com/i/ 206 KB
68 KB 960ms
318ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7126928408494339?href=https%3A%2F%2Fwww.statutoryholidays.com%2Fthanksgiving.php&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38c872dbda59a24fda4f9b75e19fc8a98c7f11cb5495a4b6d399808ef09a81c5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Gst_UrdES7pkFhHgpg1-JQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Gst_UrdES7pkFhHgpg1-JQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw0pBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzE99ddYn0OxHs_XmI9CsRC3BynrzVsZxNY8eezupJGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgaWBhZ6BWXyBAQDzhUCN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh Show response
fundingchoicesmessages.google.com/el/ 0
28 B 218ms
97ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dqoD-SdA-GQ.es5.O/am=SDA/d=1/rs=AJlcJMyQxcauci_Xn88ezIvoyROd690Nvw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FenwcJgBzMXMFG1x08YzOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 11:19:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-FenwcJgBzMXMFG1x08YzOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDhOX2vYziYw4fqP08xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBCz8A8vsAAAHp1Los"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.statutoryholidays.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXDwer5oijB5ewhfeA0genFvjiDTO6xS7tX4j--raA3SsTBj2hwfHMlbTl_dDY3X75IgvtzTEM6BMaOgzA-wBtqeIUdpVN-GPBEmb1fhbPZhlpWQFmz_sSh14Qusuq0_nTdTU7J Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 379ms
378ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXDwer5oijB5ewhfeA0genFvjiDTO6xS7tX4j--raA3SsTBj2hwfHMlbTl_dDY3X75IgvtzTEM6BMaOgzA-wBtqeIUdpVN-GPBEmb1fhbPZhlpWQFmz_sSh14Qusuq0_nTdTU7J?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1OTY3MTc5LDgyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuc3RhdHV0b3J5aG9saWRheXMuY29tL3RoYW5rc2dpdmluZy5waHAiLG51bGwsW1s4LCJkcW9ELVNkQS1HUSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e301f970a5bd0c258c4bb67ffef59afd116798086f5923f89a7623062ff375a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GQpyU3LMkAsxAHoLcZnlVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GQpyU3LMkAsxAHoLcZnlVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0ZBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzE99ddYn0OxHs_XmI9CsRC3BxnrjVsZxN4MG-1j5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgaWBhZ6BWXyBAQDoQEBH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame BBC0 0
0 0ms
0ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:14:55 GMT
etag: 5947459844715414650
expires: Tue, 24 Sep 2024 11:14:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame 0551 0
0 0ms
0ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:14:55 GMT
etag: 5947459844715414650
expires: Tue, 24 Sep 2024 11:14:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame DBE9 0
0 0ms
0ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:14:55 GMT
etag: 5947459844715414650
expires: Tue, 24 Sep 2024 11:14:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame D288 0
0 0ms
0ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 11:14:55 GMT
etag: 5947459844715414650
expires: Tue, 24 Sep 2024 11:14:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxU45rW7wdtrcyP8Pa6ljudCR4yRuSrHxskF6r8FsTNXoc5qANku2XurcExMsYSnQ7rXo4nYqQ_wlWSKGTrHD5LLga_6GJMKC7LRhidLi46K0mGNCkvvfzzqxBOhk7hxFarsionu Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 93ms
92ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU45rW7wdtrcyP8Pa6ljudCR4yRuSrHxskF6r8FsTNXoc5qANku2XurcExMsYSnQ7rXo4nYqQ_wlWSKGTrHD5LLga_6GJMKC7LRhidLi46K0mGNCkvvfzzqxBOhk7hxFarsionu?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1OTY3MTgwLDIwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnN0YXR1dG9yeWhvbGlkYXlzLmNvbS90aGFua3NnaXZpbmcucGhwIixudWxsLFtbOCwiZHFvRC1TZEEtR1EiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

020395a549c8be391702ba9b53ddf7798bb92309fe8510c8664e3b022fc3d891

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tph22YQcZFS0IiR93CKMfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tph22YQcZFS0IiR93CKMfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxELcHGeuNWxnE5jQ9bZGSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA0sBCz8AsvsAAAB0uO0k"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET ads.asp
fundingchoicesmessages.google.com/f/AGSKWxU25Tua4Er9ehgMifN5x_IEx6_Bdh2o7fw55hWcXHYQuRZoWsnbcHFM9Xpd_lDGq-rBVxCw3LaBGsH4IiHaleVnU4fWlq6TP2fMQjjsfm5U5KgaXDzRRhI1PZDo1WyZD1KFtOKbYfxX9AqRDFCInDEZ6G9O-... 0
0

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 63ms
62ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dqoD-SdA-GQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxV__RwFjxaUZBehR06M6oCEkEl1Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 12:13:58 GMT

POST AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh
fundingchoicesmessages.google.com/el/ 0
0

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jNNCpLu_K8qAXOlYod0Gfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 11:19:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-jNNCpLu_K8qAXOlYod0Gfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDnOXmvYzibwYkqXuJJLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMbA0sNAzMI8vMAAAGnwtfQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.statutoryholidays.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BK-qiOz6mxPdSvZmonhqzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 11:19:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-BK-qiOz6mxPdSvZmonhqzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDnOXmvYziawYtcecSWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBpYKFnYB5fYAAAG8Utig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.statutoryholidays.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUWp3wme8J9WvB4V11TRizv3QrJu1w7GP6dmimdc4urKUX3c4EBnAILbWu3Y-_KDDt5_N2ytfqufraWJkNR0vtq0sXuBmhgp3orUQDja8bo3LJ6Z2nOotmKZJEjKGQWrYGjmSKR Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
98ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUWp3wme8J9WvB4V11TRizv3QrJu1w7GP6dmimdc4urKUX3c4EBnAILbWu3Y-_KDDt5_N2ytfqufraWJkNR0vtq0sXuBmhgp3orUQDja8bo3LJ6Z2nOotmKZJEjKGQWrYGjmSKR?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1OTY3MTgxLDIwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDksNl0sbnVsbCwyLG51bGwsImVuIixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsM10sImh0dHBzOi8vd3d3LnN0YXR1dG9yeWhvbGlkYXlzLmNvbS90aGFua3NnaXZpbmcucGhwIixudWxsLFtbOCwiZHFvRC1TZEEtR1EiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

9644917df1ca4b0bc2c7fb8122dad888b9fc981a10e43eb87e27625c5842601d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2KtlIcToC22nMPvEhCh-EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:19:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2KtlIcToC22nMPvEhCh-EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxELcHGevNWxnE_gxc6-MkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBpYGFnoFZfIEBABeeOyw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVLt_0gRr5GnbH51osiJYTPbENhCbyjfS6d7OzG2J0bgZObjHflNyPO7anfsEiI9681K2_suz8bKGdc5-CIcdZ61ny1q9TEtHV33JnzJKPn_l0XjKPvoGL-vzOLa7JkkMSDbvgF Show response
fundingchoicesmessages.google.com/el/ 0
28 B 88ms
88ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVLt_0gRr5GnbH51osiJYTPbENhCbyjfS6d7OzG2J0bgZObjHflNyPO7anfsEiI9681K2_suz8bKGdc5-CIcdZ61ny1q9TEtHV33JnzJKPn_l0XjKPvoGL-vzOLa7JkkMSDbvgF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-biE_OTP1xPNbVXuG3D8zFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 11:19:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-biE_OTP1xPNbVXuG3D8zFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDnOXmvYziaw4dxlTyWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBpYKFnYB5fYAAAO2At9g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.statutoryholidays.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eiyZiWZUdo_xFEo-nGyNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.statutoryholidays.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 11:19:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-eiyZiWZUdo_xFEo-nGyNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDnOXmvYziZwYfphLyWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBpYKFnYB5fYAAAL1MtzQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.statutoryholidays.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/f/AGSKWxU25Tua4Er9ehgMifN5x_IEx6_Bdh2o7fw55hWcXHYQuRZoWsnbcHFM9Xpd_lDGq-rBVxCw3LaBGsH4IiHaleVnU4fWlq6TP2fMQjjsfm5U5KgaXDzRRhI1PZDo1WyZD1KFtOKbYfxX9AqRDFCInDEZ6G9O-T5F14PC8RdJDQI7GteDU89eDt2Z7hc=/_/ads.asp?-ad3.=440x410;/ad-header.?adslot=

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxUz3L2GtDa-k2T-aSi6KO6QjUwkT0QM3MObv5Pk1AP2MGoZOSWBpSH9_z5zOsD0wvVVqBkBLGSP5GgVi0eJEPhrPukEXQ6cvdvTgM1CxPULtnWs6eJMBMMrWzKb_k5Ab521ffLh

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statutoryholidays.com/	1970-01-21 09:02:07	Name: _ga_WNDJXE38HN Value: GS1.1.1725967177.1.0.1725967177.0.0.0
.statutoryholidays.com/	1970-01-21 09:02:07	Name: _ga Value: GA1.1.2125412325.1725967177
.statutoryholidays.com/	1970-01-21 08:47:43	Name: __gads Value: ID=db77e20fdfa3e6cd:T=1725967177:RT=1725967177:S=ALNI_MYD2YKtjkoXglcHFCNt-aWCC57kOA
.statutoryholidays.com/	1970-01-21 08:47:43	Name: __gpi Value: UID=00000edd90d453d4:T=1725967177:RT=1725967177:S=ALNI_Mbx31bdACL_Xl5bDAiVJMvj4laZmQ
.statutoryholidays.com/	1970-01-21 03:45:19	Name: __eoi Value: ID=98fbb3eb3586b507:T=1725967177:RT=1725967177:S=AA-AfjbtF5hHykPFWsr8vOgMfbJY
.doubleclick.net/	1970-01-21 03:45:19	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 09:02:07	Name: IDE Value: AHWqTUkBnA6_eOUfsZHqS7TKWLYTnNcsD-zdyrOa8QKZxBhP39WgWJ9c0nR2qvJpQzg
.doubleclick.net/	1970-01-21 03:45:19	Name: APC Value: AfxxVi55f-mfwcuDI8iJbUkQej9ciy30HjxNQF1ZciN0mk-jigLpHw
.doubleclick.net/	1970-01-20 23:26:10	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-21 08:11:43	Name: CMID Value: ZuArTNHM75gABJlmABB3wAAA
.casalemedia.com/	1970-01-21 01:35:43	Name: CMPS Value: 1462
.casalemedia.com/	1970-01-21 01:35:43	Name: CMPRO Value: 1462
.adnxs.com/	1970-01-21 09:02:07	Name: receive-cookie-deprecation Value: 1
.teads.tv/	1970-01-21 08:10:16	Name: tt_viewer Value: 6806edf4-448b-4cdb-9609-fbabe9a614a4
.doubleclick.net/	1970-01-21 00:09:19	Name: ar_debug Value: 1
.flashtalking.com/	1970-01-21 08:55:31	Name: flashtalkingad1 Value: "GUID=609779BD135951"
.media.net/	1970-01-21 08:11:43	Name: visitor-id Value: 3689687801524112000V10
.media.net/	1970-01-20 23:36:11	Name: data-exp Value: setstatuscode~~1
.media.net/	1970-01-20 23:46:16	Name: data-g Value: CAESEFhzz8BBtgAkKAzRftejmPU~~6
.tapad.com/	1970-01-21 00:52:31	Name: TapAd_TS Value: 1725967180746
.tapad.com/	1970-01-21 00:52:31	Name: TapAd_DID Value: 73315882-4f36-4728-ba5c-6e432c6309b9
.tapad.com/	1970-01-21 00:52:31	Name: TapAd_3WAY_SYNCS Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.statutoryholidays.com
fundingchoicesmessages.google.com
142.251.35.168
142.251.40.226
142.251.41.14
2001:4860:4802:34::178
2607:f8b0:4006:80b::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:824::200e
67.20.113.142
020395a549c8be391702ba9b53ddf7798bb92309fe8510c8664e3b022fc3d891
15eec3774104bde2931d339f96fb9c7910cc514f56d758e8a0edc8b1230c49dd
174de0b0462f5e21eb3e4260c0fc50c0f8a2c84e8b4f39ef38ab6550501efb4d
1d4b6d5acee416cfdbb68b83ea9f265cbcb989ed288acaf2023062a59d4b9bfa
3274a4425b8814f48d30fc17174d5f5e674081c403ca031ad4cb0d148bcfc931
38c872dbda59a24fda4f9b75e19fc8a98c7f11cb5495a4b6d399808ef09a81c5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e301f970a5bd0c258c4bb67ffef59afd116798086f5923f89a7623062ff375a
4d4120dd57cf3d11b4337ddbbd4f548872305fd60f990039ea1b04d4dcfaf1e8
5b9bdd7c7f58fac396b5aab537d9e8ebc4523a637d302f5f6a7d900dc8b399b5
6face3ba49ac7ce18031cabd62bf00f70fdfa7de3a3b47e59625dc2b72e8de7f
8df772cb4cc30d4696d7d9e572569a766b9b82d70590c1c3922247b1bed2cea9
9644917df1ca4b0bc2c7fb8122dad888b9fc981a10e43eb87e27625c5842601d
b330c3ecfb5e06a5421e2d984a4755624ceb0f023661f365f73afd593d265628
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
df70fd21f51441a78eaacd60359ba11bc94d68074b2f9921e20f92db6f6e9b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.statutoryholidays.com Open in urlscan Pro 67.20.113.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

91 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

9 IPs

1 Countries

531 kBTransfer

1434 kBSize

22 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.statutoryholidays.com Open in urlscan Pro
67.20.113.142 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

91 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

531 kB
Transfer

1434 kB
Size

22
Cookies

35 HTTP transactions
0 data transactions