googlethisforme.com Open in urlscan Pro
162.241.244.88 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://whogooglesme.com/
Effective URL:
https://googlethisforme.com/
Submission Tags: @phishunt_io
Submission: On December 16 via api (December 16th 2020, 9:19:36 am UTC) from ES

Summary HTTP 44 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 44 HTTP transactions. The main IP is 162.241.244.88, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is googlethisforme.com.
TLS certificate: Issued by R3 on December 15th 2020. Valid for: 3 months.

This is the only time googlethisforme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 21	162.241.244.88 162.241.244.88	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
44	9

21 162.241.244.88 (Provo, United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5126.bluehost.com

whogooglesme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googlethisforme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlethisforme.com 1 redirects googlethisforme.com	622 KB
7	gstatic.com fonts.gstatic.com	125 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	199 KB
5	doubleclick.net googleads.g.doubleclick.net
2	googleapis.com fonts.googleapis.com	30 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	169 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	648 B
1	whogooglesme.com 1 redirects whogooglesme.com	98 B
44	10

	Domain	Requested by
20	googlethisforme.com	1 redirects googlethisforme.com
7	fonts.gstatic.com	fonts.googleapis.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	googlethisforme.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.googleapis.com	googlethisforme.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whogooglesme.com	1 redirects
44	11

This site contains links to these domains. Also see Links.

Domain
www.google.com
superbthemes.com

Subject Issuer	Validity	Valid
www.googlethisforme.323seo.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://googlethisforme.com/
Frame ID: 562C5FF84288FC5A09B045AFF9D56257
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 1DBD019DDD6A24F6AD3921210FA1EA4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&h=250&slotname=4995066307&adk=3685035880&adf=3960027938&pi=t.ma~as.4995066307&w=300&lmt=1608110357&psa=0&format=300x250&url=https%3A%2F%2Fgooglethisforme.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357201&bpp=13&bdt=594&idt=69&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3884953107856&frm=20&pv=2&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s9yjqd8box&p=https%3A//googlethisforme.com&dtd=90
Frame ID: C03767BD711B58ADC9C81C49F8F49D6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&h=600&slotname=3642647107&adk=173324847&adf=1066463005&pi=t.ma~as.3642647107&w=300&lmt=1608110357&psa=0&format=300x600&url=https%3A%2F%2Fgooglethisforme.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357215&bpp=2&bdt=608&idt=86&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3884953107856&frm=20&pv=1&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxIjfkcyiQ&p=https%3A//googlethisforme.com&dtd=91
Frame ID: 98531377A12D6EA42AA4A5A8C9FFCDAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&adk=1812271804&adf=3025194257&lmt=1608110357&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgooglethisforme.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357546&bpp=1&bdt=939&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97879f3d45c3a830-2210cfff8ba60020%3AT%3D1608110357%3ART%3D1608110357%3AS%3DALNI_Mbz7eKX9HvL3nQ0zBx9y4HuKr1eQA&prev_fmts=300x250%2C300x600&nras=1&correlator=3884953107856&frm=20&pv=1&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11
Frame ID: 4D146A95DA2C42B4BABD6BD9D6648B13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Frame ID: CA9F0BCA9EBB9FEB2E4CEE765F47CD42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: AF00FEBF4F86567BE5E2946F35C242B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://whogooglesme.com/ HTTP 301
http://googlethisforme.com/ HTTP 301
https://googlethisforme.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

100 %
HTTPS

78 %
IPv6

10
Domains

11
Subdomains

9
IPs

2
Countries

1005 kB
Transfer

1729 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/alerts

Search URL Search Domain Scan URL

URL: https://superbthemes.com/
Title: SuperbThemes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://whogooglesme.com/ HTTP 301
http://googlethisforme.com/ HTTP 301
https://googlethisforme.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
googlethisforme.com/
Redirect Chain

https://whogooglesme.com/
http://googlethisforme.com/
https://googlethisforme.com/

41 KB
13 KB

1285ms
1009ms

Document
text/html

162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: e793ded7065f6502043e17ff49b72d37962d59dc6efa8905d5e6342ef49f1606

Request headers

:method: GET
:authority: googlethisforme.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:16 GMT
server: nginx/1.19.5
content-type: text/html; charset=UTF-8
content-length: 12551
x-pingback: https://googlethisforme.com/xmlrpc.php
link: <https://googlethisforme.com/wp-json/>; rel="https://api.w.org/", <https://googlethisforme.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://googlethisforme.com/>; rel=shortlink
cache-control: max-age=300
expires: Wed, 16 Dec 2020 09:24:15 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 3
x-server-cache: false

Redirect headers

Date: Wed, 16 Dec 2020 09:19:15 GMT
Server: nginx/1.19.5
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Pingback: http://googlethisforme.com/xmlrpc.php
X-Redirect-By: WordPress
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: https://googlethisforme.com/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 3
X-Server-Cache: false

GET
H2 200 style.min.css
googlethisforme.com/wp-includes/css/dist/block-library/ 53 KB
10 KB 432ms
431ms Stylesheet
text/css 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:00:20 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: text/css
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10450
expires: Wed, 23 Dec 2020 09:19:16 GMT

GET
H2 200 style.css
googlethisforme.com/wp-content/themes/blogrid/ 47 KB
15 KB 322ms
320ms Stylesheet
text/css 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/style.css?ver=5.5.3
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: bb972acdea61c440d79270d58dc0d3f26cc1441ca7e7cd53272888afbeb0f1d3

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: text/css
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15305
expires: Wed, 23 Dec 2020 09:19:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 112 KB
30 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Requested by

Host: googlethisforme.com
URL: https://googlethisforme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de22fc4c8fb757fb1238d3c3df8bd16b29a059dffc9e322cb47805eeabd2ef62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 09:19:16 GMT
server: ESF
date: Wed, 16 Dec 2020 09:19:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Dec 2020 09:19:16 GMT

GET
H2 200 font-awesome.min.css
googlethisforme.com/wp-content/themes/blogrid/css/ 30 KB
7 KB 318ms
317ms Stylesheet
text/css 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/css/font-awesome.min.css?ver=5.5.3
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: text/css
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7114
expires: Wed, 23 Dec 2020 09:19:16 GMT

GET
H2 200 style.css
googlethisforme.com/wp-content/themes/affiliates-bloglet/ 46 KB
15 KB 315ms
314ms Stylesheet
text/css 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/affiliates-bloglet/style.css?ver=5.5.3
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: adfab8f5d5c16c9a2083719e757b44384777033b3d5c440edeab38546fedef12

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:47 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: text/css
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 14869
expires: Wed, 23 Dec 2020 09:19:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
511 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=5.5.3

Requested by

Host: googlethisforme.com
URL: https://googlethisforme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e38b4085919e456f5f9861ba323952f1478e9dac662a3377c51db8f35fa894cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 08:52:35 GMT
server: ESF
date: Wed, 16 Dec 2020 09:19:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Dec 2020 09:19:16 GMT

GET
H2 200 jquery.js Show response
googlethisforme.com/wp-includes/js/jquery/ 95 KB
42 KB 191ms
190ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:16 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:57:51 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Wed, 23 Dec 2020 09:19:16 GMT

GET
H2 200 cropped-26-265521_keyboard-image-download-hd.jpg
googlethisforme.com/wp-content/uploads/2020/11/ 346 KB
349 KB 237ms
236ms Image
image/jpeg 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlethisforme.com/wp-content/uploads/2020/11/cropped-26-265521_keyboard-image-download-hd.jpg
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 12149da1b07287aed37902f7e391c317a31fba03f33627767058e8333f1818bc

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
last-modified: Thu, 19 Nov 2020 05:20:31 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
x-endurance-cache-level: 3
content-type: image/jpeg
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 354758
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
46 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: googlethisforme.com
URL: https://googlethisforme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47107
x-xss-protection: 0
server: cafe
etag: 13290078405355148527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Dec 2020 09:19:17 GMT

GET
H2 200 navigation.js Show response
googlethisforme.com/wp-content/themes/blogrid/js/ 3 KB
1 KB 189ms
189ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/js/navigation.js?ver=20170823
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1168
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 skip-link-focus-fix.js Show response
googlethisforme.com/wp-content/themes/blogrid/js/ 685 B
454 B 208ms
208ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/js/skip-link-focus-fix.js?ver=20170823
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 417
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 jquery.flexslider.js Show response
googlethisforme.com/wp-content/themes/blogrid/js/ 53 KB
16 KB 232ms
231ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/js/jquery.flexslider.js?ver=20150423
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16281
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 script.js Show response
googlethisforme.com/wp-content/themes/blogrid/js/ 4 KB
1 KB 185ms
184ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/js/script.js?ver=20160720
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 7c0e2394003f4cc2d3006173c004c7df165e9bf16bd7dfacb501762d9dbf092c

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1188
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 accessibility.js Show response
googlethisforme.com/wp-content/themes/blogrid/js/ 1 KB
607 B 364ms
363ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/js/accessibility.js?ver=20160720
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 835d7a36194fd9339412d3d2cb26903914bad74f04203fb75e6c78da2195192b

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 570
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 wp-embed.min.js Show response
googlethisforme.com/wp-includes/js/ 1 KB
842 B 171ms
170ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 01:24:41 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 782
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 wp-emoji-release.min.js Show response
googlethisforme.com/wp-includes/js/ 14 KB
5 KB 188ms
187ms Script
application/javascript 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 05:00:20 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 3
content-type: application/javascript
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4950
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.118.woff2
fonts.gstatic.com/s/notosansjp/v28/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

602a5dcd9d2f9dcfbc4d874ca1cb678980d0bd438f059baf655ec1738407dd44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 16:58:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:57 GMT
server: sffe
age: 318062
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13688
x-xss-protection: 0
expires: Sun, 12 Dec 2021 16:58:15 GMT

GET
H3-Q050 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ 50 KB
50 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:29:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:23:03 GMT
server: sffe
age: 240564
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51132
x-xss-protection: 0
expires: Mon, 13 Dec 2021 14:29:53 GMT

GET
H3-Q050 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.117.woff2
fonts.gstatic.com/s/notosansjp/v28/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad0f62c75cc9e9553001b7dea1bec37dd09f8eb23e7f11c5256ac3aea219f6d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 01:12:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:48 GMT
server: sffe
age: 288386
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9484
x-xss-protection: 0
expires: Mon, 13 Dec 2021 01:12:51 GMT

GET
H3-Q050 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.86.woff2
fonts.gstatic.com/s/notosansjp/v28/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.86.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749216d3c11f7e40f278d125d75728d457c69989d255eb85b9cf6572695dd7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 01:19:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:17 GMT
server: sffe
age: 287962
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14396
x-xss-protection: 0
expires: Mon, 13 Dec 2021 01:19:55 GMT

GET
H3-Q050 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.116.woff2
fonts.gstatic.com/s/notosansjp/v28/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1002546098510527be307620ac05e89e6378cd4a320eecea2d350362a0c32cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:21:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:23:03 GMT
server: sffe
age: 377849
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12224
x-xss-protection: 0
expires: Sun, 12 Dec 2021 00:21:48 GMT

GET
H3-Q050 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.115.woff2
fonts.gstatic.com/s/notosansjp/v28/ 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48fc83f0f96ce8185898f554404d560beb6312334902a207bf103baf5cf7aeb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 01:33:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:59 GMT
server: sffe
age: 200750
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
expires: Tue, 14 Dec 2021 01:33:27 GMT

GET
H3-Q050 200 -F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.113.woff2
fonts.gstatic.com/s/notosansjp/v28/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2267d25cd1e6879633a573e90a5cd8f406ded9d15f86af3c090f0f43972466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googlethisforme.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans+JP%3Awght%40400%3B700&display=swap&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 08:31:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:21:06 GMT
server: sffe
age: 2895
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12660
x-xss-protection: 0
expires: Thu, 16 Dec 2021 08:31:02 GMT

GET
H2 200 cropped-icon-search-300x300.png
googlethisforme.com/wp-content/uploads/2015/12/ 9 KB
9 KB 279ms
278ms Image
image/png 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlethisforme.com/wp-content/uploads/2015/12/cropped-icon-search-300x300.png
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 9983c37518ac5b419602d930bccd895eb032f34c1c478c6556af06e345021543

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
last-modified: Mon, 28 Dec 2015 16:39:17 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
x-endurance-cache-level: 3
content-type: image/png
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9099
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 ContactMe-300x169.jpg
googlethisforme.com/wp-content/uploads/2016/06/ 10 KB
11 KB 279ms
278ms Image
image/jpeg 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlethisforme.com/wp-content/uploads/2016/06/ContactMe-300x169.jpg
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 289e57e5ce585d8b8a38ecb05006266fb8139bbbc682f775dbe02f05f3bf0560

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
last-modified: Wed, 15 Jun 2016 22:36:16 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
x-endurance-cache-level: 3
content-type: image/jpeg
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10662
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 gAlert-300x105.jpg
googlethisforme.com/wp-content/uploads/2016/06/ 12 KB
13 KB 278ms
277ms Image
image/jpeg 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlethisforme.com/wp-content/uploads/2016/06/gAlert-300x105.jpg
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: eff667c0d1cfdf3518deef6f325145d3e344af39a473625e018281b91c735b31

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
last-modified: Fri, 17 Jun 2016 16:17:18 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
x-endurance-cache-level: 3
content-type: image/jpeg
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12683
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H2 200 cropped-cry-512-300x300.png
googlethisforme.com/wp-content/uploads/2015/12/ 37 KB
37 KB 278ms
277ms Image
image/png 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlethisforme.com/wp-content/uploads/2015/12/cropped-cry-512-300x300.png
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: ee82d5ad5e2c37dfec1c42dac5e58c2be18db72daec56b8907294a669e0d9c09

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
last-modified: Thu, 24 Dec 2015 01:26:34 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
x-endurance-cache-level: 3
content-type: image/png
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 37932
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 48ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Dec 2020 09:19:17 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 1DBD 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googlethisforme.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googlethisforme.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Dec 2020 10:01:15 GMT
expires: Tue, 29 Dec 2020 10:01:15 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 83882
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
648 B 88ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=googlethisforme.com&callback=_gfp_s_&client=ca-pub-8986928489752304

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

7b77d351d4b2f5814cfd557534cbed4cc963cdb7379373e8f052c140821b52f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=googlethisforme.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=googlethisforme.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C037 0
0 292ms
291ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&h=250&slotname=4995066307&adk=3685035880&adf=3960027938&pi=t.ma~as.4995066307&w=300&lmt=1608110357&psa=0&format=300x250&url=https%3A%2F%2Fgooglethisforme.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357201&bpp=13&bdt=594&idt=69&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3884953107856&frm=20&pv=2&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s9yjqd8box&p=https%3A//googlethisforme.com&dtd=90

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13390451717424953975/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13390451717424953975/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaK7vSV0u0CFdni7Qoduw4IWw&gqi=FdHZX8b1Es71twfEiJbgDA&layout=/sadbundle/%24csp%253Der3%24/13390451717424953975/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&h=250&slotname=4995066307&adk=3685035880&adf=3960027938&pi=t.ma~as.4995066307&w=300&lmt=1608110357&psa=0&format=300x250&url=https%3A%2F%2Fgooglethisforme.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357201&bpp=13&bdt=594&idt=69&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3884953107856&frm=20&pv=2&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s9yjqd8box&p=https%3A//googlethisforme.com&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googlethisforme.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googlethisforme.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13390451717424953975/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13390451717424953975/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaK7vSV0u0CFdni7Qoduw4IWw&gqi=FdHZX8b1Es71twfEiJbgDA&layout=/sadbundle/%24csp%253Der3%24/13390451717424953975/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Dec 2020 09:19:17 GMT
server: cafe
content-length: 30023
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Dec-2020 09:34:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Dec 2020 09:19:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Wed, 16 Dec 2020 09:19:17 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9853 0
0 242ms
242ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&h=600&slotname=3642647107&adk=173324847&adf=1066463005&pi=t.ma~as.3642647107&w=300&lmt=1608110357&psa=0&format=300x600&url=https%3A%2F%2Fgooglethisforme.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357215&bpp=2&bdt=608&idt=86&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3884953107856&frm=20&pv=1&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxIjfkcyiQ&p=https%3A//googlethisforme.com&dtd=91

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&h=600&slotname=3642647107&adk=173324847&adf=1066463005&pi=t.ma~as.3642647107&w=300&lmt=1608110357&psa=0&format=300x600&url=https%3A%2F%2Fgooglethisforme.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357215&bpp=2&bdt=608&idt=86&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3884953107856&frm=20&pv=1&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxIjfkcyiQ&p=https%3A//googlethisforme.com&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googlethisforme.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googlethisforme.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Dec 2020 09:19:17 GMT
server: cafe
content-length: 18798
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Dec-2020 09:34:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Dec 2020 09:19:17 GMT
cache-control: private

GET
H2 200 fontawesome-webfont.woff2
googlethisforme.com/wp-content/themes/blogrid/fonts/ 75 KB
76 KB 212ms
212ms Font
font/woff2 162.241.244.88
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://googlethisforme.com/wp-content/themes/blogrid/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: googlethisforme.com
URL: https://googlethisforme.com/wp-content/themes/blogrid/css/font-awesome.min.css?ver=5.5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.244.88 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5126.bluehost.com
Software: nginx/1.19.5 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://googlethisforme.com
Referer: https://googlethisforme.com/wp-content/themes/blogrid/css/font-awesome.min.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:17 GMT
last-modified: Thu, 19 Nov 2020 05:16:48 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
x-endurance-cache-level: 3
content-type: font/woff2
cache-control: max-age=604800
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 77160
expires: Wed, 23 Dec 2020 09:19:17 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4D14 0
0 474ms
473ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&adk=1812271804&adf=3025194257&lmt=1608110357&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgooglethisforme.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357546&bpp=1&bdt=939&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97879f3d45c3a830-2210cfff8ba60020%3AT%3D1608110357%3ART%3D1608110357%3AS%3DALNI_Mbz7eKX9HvL3nQ0zBx9y4HuKr1eQA&prev_fmts=300x250%2C300x600&nras=1&correlator=3884953107856&frm=20&pv=1&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8986928489752304&output=html&adk=1812271804&adf=3025194257&lmt=1608110357&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgooglethisforme.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608110357546&bpp=1&bdt=939&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97879f3d45c3a830-2210cfff8ba60020%3AT%3D1608110357%3ART%3D1608110357%3AS%3DALNI_Mbz7eKX9HvL3nQ0zBx9y4HuKr1eQA&prev_fmts=300x250%2C300x600&nras=1&correlator=3884953107856&frm=20&pv=1&ga_vid=83823293.1608110357&ga_sid=1608110357&ga_hid=303536924&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3352971197323039&pem=233&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googlethisforme.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googlethisforme.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Dec 2020 09:19:18 GMT
server: cafe
content-length: 40718
x-xss-protection: 0
set-cookie: IDE=AHWqTUn8Oq-jkhChK2yVBpu9e8NTEdRlALjDGKyzG6KB5-bkjalksbSl3ZOPXhUz; expires=Mon, 10-Jan-2022 09:19:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Dec 2020 09:19:18 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
34ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

334957ee7e45508a37bfadb0ef21094cf26ff00f92bf0cc1a80a5a19497543ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Dec 2020 09:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 145 KB
52 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 53263
x-xss-protection: 0
server: cafe
etag: 8848748755015014073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Dec 2020 09:19:18 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame CA9F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googlethisforme.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUn8Oq-jkhChK2yVBpu9e8NTEdRlALjDGKyzG6KB5-bkjalksbSl3ZOPXhUz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googlethisforme.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Dec 2020 18:46:21 GMT
expires: Tue, 29 Dec 2020 18:46:21 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 52377
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 09:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 16 Dec 2020 09:19:18 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame AF00 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googlethisforme.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googlethisforme.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 16 Dec 2020 08:33:27 GMT
expires: Thu, 16 Dec 2021 08:33:27 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2751
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=3352971197323039&bg=!tLelt5fNAAXKjztBylhiFMhwwWrTHwIAAACHUgAAABNoAQcKAegtJYnIwt1MATPYq21wWAZRVkv4aCx2XH2Rc6rK6zOX1-YfWT_WvBtmd46Xg49i-UluM6fyL1c2TuM4qlkVWJEYnxfGeJwIjwOpgATkzqJqIykkHJ2wr80V-ky3PTq6jqew-EFOKmSckYP9fcNn7HNrH8oFMe1y6UF8Xdz3DZGlqea2fDIah0RGQFXJVH94M79m4wu9A6Ncb5CkBkmJiy9nzxEVEtX6gbwz0l_F4oZiypEcI2m3KMgPuJwOFOmF15SGBjWMNv2qcc4PNjZ46JFmZKRSiOMffPOlLr7IL9WNuyAyRBgIdEjJlyfRRfFZX415fmFXyYYmda3fzzfeTA371Y5DvKmgGEcmUkppXO37gbeGPz-ZRWl6S00nz6G-BoE4u3bBPdqp-hvTACjOpXzZZORrOeICVKhy14omIb6vaY0skwNU3fwrjghFmk0ZxHIUEvl4wlkDR3SkUPgIL3l5lgfQZTyNqKxXiKrH8gxpMWgsW4Ubuj1_JvdfPiWxBdaFLkgdzTQw8fXfs-lqAXivShYevCi-u1iIqo8poIb6u50qwi7Ar42RqGvQjxDwDCzIaCRjdHI6bUZb8XrmJpoMTIfwJFAOJ846FnE2j_ZslE11lw821--80FhVDy56bp5-cc8j6emggpkBvEul_Jj25prvPbAs90y0dYT4xZUvrUUB0Exx9lWcXzei1xM8FQtyJgP3lJ2piZjij979TaS1XDWCDAvmv1A4____LuoTPEtWOgibZXJFwbp0K2uo3jAXSMhZdz6HAbUFwA-fZ8l7z9ELdLGCqUb9rVyH1doO7libek33iWNJnW9lNIvtPhRVodWqkPj40mDbUnq1BXgIG93c3-ritO3K-jxvUhl1K4mRFUXTd6RJUGQBmFlpsUtPPcrf83vh-vFDJPw5aoR-UJ7KcTP4OgEMD4xHeBixIlqAP-mtb81ua1laZdqRi8Jdksq_lcFCdIRom3QAYCkPpVL_QxqZe87oSnXjWyCZIDfleAfNkxdEXovpMyDBJekIkV4QTqNTzaIfyiYY1EuUUhud83_ukrMi-ZfqhjC9Ly9hOLuu4dF8dF-hhChRRs4ZH6wH_Becq-OCKMBrlyDLDbM5kD9Gm0ms6OeCfP3GHqQLOBiafgkRpz6ZLtrJvzdc7kMqasuG_vbtTBOGtIvLbl8Zk5qKs9IfsQNj2JZN_MbBv7TauGDtIczaTmeGpUhFhX_wZsSiqu_oCofs5u89f5jC3cQmrA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googlethisforme.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Dec 2020 09:19:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 00:03:26	Name: IDE Value: AHWqTUn8Oq-jkhChK2yVBpu9e8NTEdRlALjDGKyzG6KB5-bkjalksbSl3ZOPXhUz
.doubleclick.net/	1970-01-19 14:41:53	Name: DSID Value: NO_DATA
.googlethisforme.com/	1970-01-20 00:03:26	Name: __gads Value: ID=97879f3d45c3a830-2210cfff8ba60020:T=1608110357:RT=1608110357:S=ALNI_Mbz7eKX9HvL3nQ0zBx9y4HuKr1eQA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlethisforme.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
whogooglesme.com
www.googletagservices.com
162.241.244.88
172.217.23.98
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:81e::2003
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1002546098510527be307620ac05e89e6378cd4a320eecea2d350362a0c32cfa
12149da1b07287aed37902f7e391c317a31fba03f33627767058e8333f1818bc
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
289e57e5ce585d8b8a38ecb05006266fb8139bbbc682f775dbe02f05f3bf0560
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
334957ee7e45508a37bfadb0ef21094cf26ff00f92bf0cc1a80a5a19497543ef
48fc83f0f96ce8185898f554404d560beb6312334902a207bf103baf5cf7aeb1
602a5dcd9d2f9dcfbc4d874ca1cb678980d0bd438f059baf655ec1738407dd44
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
749216d3c11f7e40f278d125d75728d457c69989d255eb85b9cf6572695dd7fc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b77d351d4b2f5814cfd557534cbed4cc963cdb7379373e8f052c140821b52f2
7c0e2394003f4cc2d3006173c004c7df165e9bf16bd7dfacb501762d9dbf092c
835d7a36194fd9339412d3d2cb26903914bad74f04203fb75e6c78da2195192b
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
9983c37518ac5b419602d930bccd895eb032f34c1c478c6556af06e345021543
9a2267d25cd1e6879633a573e90a5cd8f406ded9d15f86af3c090f0f43972466
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a
ad0f62c75cc9e9553001b7dea1bec37dd09f8eb23e7f11c5256ac3aea219f6d3
adfab8f5d5c16c9a2083719e757b44384777033b3d5c440edeab38546fedef12
bb972acdea61c440d79270d58dc0d3f26cc1441ca7e7cd53272888afbeb0f1d3
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
de22fc4c8fb757fb1238d3c3df8bd16b29a059dffc9e322cb47805eeabd2ef62
e38b4085919e456f5f9861ba323952f1478e9dac662a3377c51db8f35fa894cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e793ded7065f6502043e17ff49b72d37962d59dc6efa8905d5e6342ef49f1606
ee82d5ad5e2c37dfec1c42dac5e58c2be18db72daec56b8907294a669e0d9c09
eff667c0d1cfdf3518deef6f325145d3e344af39a473625e018281b91c735b31
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

googlethisforme.com Open in urlscan Pro 162.241.244.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

78 %IPv6

10 Domains

11 Subdomains

9 IPs

2 Countries

1005 kBTransfer

1729 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

googlethisforme.com Open in urlscan Pro
162.241.244.88 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

78 %
IPv6

10
Domains

11
Subdomains

9
IPs

2
Countries

1005 kB
Transfer

1729 kB
Size

3
Cookies

44 HTTP transactions
0 data transactions